is ed25519 keys only useful if the server checking the public key can decode ed25519 keys?

Asked by Danie de Jager

ED25519 was only added to OpenSSL 1.1.1 hence being a new signature scheme is it viable to start using it yet? Do I have to wait for everyone to update their MTAs' to support ED25519 first?

I'm hoping to use dkimpy to play a role to automate key-rotation.

Question information

English Edit question
dkimpy Edit question
No assignee Edit question
Solved by:
Scott Kitterman
Last query:
Last reply:
Revision history for this message
Best Scott Kitterman (kitterman) said :

dkimpy uses libsodium, not openssl for Ed25519, so openssl version isn't relevant dkimpy.

Currently it would not be very effective to sign using only Ed25519. The current best practice is to double sign rsa-sha256 and ed25519=-sha256. This is very similar to how when DKIM was originally fielded it was encourages to sign rsa-sha1 and rsa-sha256 since not everyone could verify rsa-sha256 at the time.

Revision history for this message
Danie de Jager (danie.dejager) said :

Thank you for your input in helping me better understand.

Revision history for this message
Danie de Jager (danie.dejager) said :

Thanks Scott Kitterman, that solved my question.