Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing

Scott Kitterman <ietf-dkim@kitterman.com> Wed, 06 March 2024 22:29 UTC

Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b="haalk0YX"; dkim=pass (2048-bit key) header.d=kitterman.com header.b="S90LptJz"
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1709764088; h=date : from : to : subject : in-reply-to : references : message-id : mime-version : content-type : content-transfer-encoding : from; bh=ypNJyiqAgh16AJLgpiv+r7XhVozp5EWxJ2PP63WX1Tc=; b=haalk0YXACyxH2ipXLyGlyWIBBYMpTJ8nEFuDez2FS/2rqCOAJ75Vq2HXLafRKJ05ul/3 8DK0Fs+RULraBFMBQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1709764088; h=date : from : to : subject : in-reply-to : references : message-id : mime-version : content-type : content-transfer-encoding : from; bh=ypNJyiqAgh16AJLgpiv+r7XhVozp5EWxJ2PP63WX1Tc=; b=S90LptJzySGwLLC7mugdeFvIU0+3mjRz2V5hhQePy90fS75cOWdiK4P4Ru/fqhStoM90v z6XnUYLDu1WAIqiddONI653+GJyKVl7G/fPacrTIlNFHLdcJ664kV0y9jsGEkMgFTelfGZv l+19ox0Sggt4r+C+6nJz89XaOCgEsZ9BUHxrm2/NJMFAVlroXeTwKpYVXE4YOQn1ZZWfaGF 9KthvCEUIHZd3ob4Hs6kKFB62LXX7yATKIFEsGhoIDDXyZlHQUTMp31A6khPo0EKtQbOywT oqG/Uw/wKJ6E4aySeT1P+RYm9Y6UC12wWi6dRG22LKHwBMxLc+UOInGnqd3w==
Date: Wed, 06 Mar 2024 22:28:01 +0000
From: Scott Kitterman <ietf-dkim@kitterman.com>
To: ietf-dkim@ietf.org
In-Reply-To: <20240306215650.uXHHYo2j@steffen%sdaoden.eu>
References: <20240306215650.uXHHYo2j@steffen%sdaoden.eu>
Message-ID: <C9EF0654-C410-46DC-B9A7-716E3ECA0B4E@kitterman.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/UG2vISX4muvAg1uQvCMpt-UUpUE>
Subject: Re: [Ietf-dkim] Fwd: Re: [..] Recommendation for dkim signing


On March 6, 2024 9:56:50 PM UTC, Steffen Nurpmeso <steffen@sdaoden.eu> wrote:
>--- Forwarded from Steffen Nurpmeso <steffen@sdaoden.eu> ---
>Date: Wed, 06 Mar 2024 22:49:48 +0100
>Author: Steffen Nurpmeso <steffen@sdaoden.eu>
>From: Steffen Nurpmeso <steffen@sdaoden.eu>
>...
>Subject: Re: [pfx] Recommendation for dkim signing
>Message-ID: <20240306214948.V5gSjSiU@steffen%sdaoden.eu>
>...
>
>...
>So now that i have DKIM myself i tested.
>And *no* verification software i can reach actually supports
>Ed25519-sha256 as of RFC 8463 from September 2018!

In addition to my dkimpy-milter, Exim supports it, and I believe opendkim does as well. Their combined market share no doubt rounds to zero, but the software does exist.

This isn't horrible.  The main reason for RFC 8463 was, in my view, as a hedge for some discovery that suddenly made RSA obsolete, which hasn't happened yet.  From a standards perspective, it is there if needed.

Scott K
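
Added example, not part of the original message or of any project named in it: one way to measure from the receiving side whether a verifier handled the Ed25519 signature of a dual-signed message is to parse the per-signature DKIM results out of its Authentication-Results header. The header value is a constructed sample using example.org and example.net, the function names are hypothetical, and backslash escapes inside quoted strings are not handled.

```python
import re

# Constructed sample: shape of an Authentication-Results value for a message
# carrying both an ed25519-sha256 and an rsa-sha256 signature.
SAMPLE = (
    'mx.example.net (amavisd-new); '
    'dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" '
    'header.d=example.org header.b="AAAAAAAA"; '
    'dkim=pass (2048-bit key) header.d=example.org header.b="BBBBBBBB"'
)
_RESULT = re.compile(r'^dkim=(\w+)')
_REASON = re.compile(r'reason="([^"]*)"')
_PROP = re.compile(r'header\.(\w+)="?([^";\s]+)"?')
_UNSUPPORTED = re.compile(r'unsupported algorithm ([\w-]+)')

def split_outside_quotes(value, sep=';'):
    """Split on sep, ignoring separators inside double-quoted strings."""
    parts, buf, quoted = [], [], False
    for ch in value:
        if ch == '"':
            quoted = not quoted
        if ch == sep and not quoted:
            parts.append(''.join(buf).strip())
            buf = []
        else:
            buf.append(ch)
    parts.append(''.join(buf).strip())
    return parts

def dkim_results(header_value):
    """Return one dict per dkim= result; element 0 of the split is the authserv-id."""
    results = []
    for part in split_outside_quotes(header_value)[1:]:
        m = _RESULT.match(part)
        if not m:
            continue  # some other method (spf=, dmarc=, ...)
        reason = _REASON.search(part)
        alg = _UNSUPPORTED.search(reason.group(1)) if reason else None
        props = dict(_PROP.findall(part))
        results.append({'result': m.group(1), 'domain': props.get('d'),
                        'sig': props.get('b'),
                        'unsupported': alg.group(1) if alg else None})
    return results

def summarize(header_value):
    """Did any signature pass, and which algorithms did the verifier reject as unsupported?"""
    res = dkim_results(header_value)
    return {'passed': any(r['result'] == 'pass' for r in res),
            'unsupported': sorted({r['unsupported'] for r in res if r['unsupported']})}
```

Run over stored headers from several receivers, the `unsupported` list shows which verifiers fell back to the RSA signature only.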