SHA-1 was SHOULD NOT for a decade, but still in too wide of use, so we
chartered DCRUP at the IETF to deprecate it (and keys < 1024 bits) and also
to separately add ed25519.
Here's the RFC deprecating SHA-1: https://datatracker.ietf.org/doc/rfc8301/
Chances are both your examples are using the
How is everyone handling senders that sign their emails with RSA-SHA1 DKIM
keys?
I'm a bit surprised to see eBay and Match.com sending out messages using
SHA-1.
I'm seeing a lot of signatures coming in that use SHA-1 but most of the
domains are questionable at best. But eBay and Match.com