Closed ghost closed 3 years ago
Agreed, we'll look into this.
Here are some extracts from incoming message header:
Authentication-Results: mailinxxx.protonmail.ch; dkim=permerror (0-bit key) Dkim-Signature: v=1; a=ed25519-sha256; c=relaxed/simple;
Custom domains hosted at ProtonMail should use ed25519-sha256 signing algorithm instead of RSA.
Because the previous DKIM RSA record was too long and needed to be broken into multiple lines, ProtonMail came up with the CNAME record solution with similar values for custom domains, as the following: protonmail.domainkey.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.domains.proton.ch.
However, with the ed25519-sha256 signing algorithm the TXT record would only be this long:
selector._domainkey.domain IN TXT "v=DKIM1; k=ed25519; p=11qYAYKxCrfVS/7TyWQHOg7hcvPapiMlrwIaaPcHURo="
Significantly faster, and smaller, and so it is recommended for DNS. Regarding the ed25519-sha256 signing algorithm, see RFC 8463: https://tools.ietf.org/html/rfc8463
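To make the point about record size and the permerror concrete, here is an added example (not code from the thread or from ProtonMail) that parses a DKIM TXT record and the `a=` tag of a DKIM-Signature header the way a verifier does: it decodes the `p=` key, checks that an ed25519 key is exactly 32 bytes, and reports `permerror` when the verifier does not support the record's key type. The sample record is the one quoted above (the key in it is the RFC 8463 example key); the `d=` and `s=` values in the sample signature header and the `supported` parameter are constructed for this example.

```python
import base64
import binascii

# Constructed sample inputs. The TXT record is the one quoted in the thread;
# d= and s= in the signature header are placeholders for this example.
DKIM_TXT_RECORD = 'v=DKIM1; k=ed25519; p=11qYAYKxCrfVS/7TyWQHOg7hcvPapiMlrwIaaPcHURo='
DKIM_SIGNATURE_HEADER = 'v=1; a=ed25519-sha256; c=relaxed/simple; d=example.com; s=selector'

# A raw Ed25519 public key is always 32 bytes (RFC 8032); RFC 8463 stores it
# base64-encoded and unwrapped in p=, which is why the record is so short.
ED25519_PUBKEY_LEN = 32


def parse_tags(value):
    """Split a 'tag=value; tag=value' list (DKIM tag-list syntax) into a dict."""
    tags = {}
    for part in value.split(';'):
        part = part.strip()
        if not part:
            continue
        if '=' not in part:
            raise ValueError('malformed tag: %r' % part)
        name, _, val = part.partition('=')
        tags[name.strip()] = val.strip()
    return tags


def check_dkim_record(txt, supported=('rsa', 'ed25519')):
    """Validate a DKIM TXT record as a verifier would.

    Returns (result, reason) where result is 'ok' or 'permerror'.
    `supported` lists the key types this verifier can use; a verifier that
    only knows RSA will permerror on an ed25519 record, which is the
    behaviour reported in the thread.
    """
    tags = parse_tags(txt)
    if tags.get('v', 'DKIM1') != 'DKIM1':
        return ('permerror', 'unknown record version')
    key_type = tags.get('k', 'rsa')  # RFC 6376: k= defaults to rsa
    p = tags.get('p')
    if p is None:
        return ('permerror', 'missing p= tag')
    if p == '':
        return ('permerror', 'key revoked (empty p=)')
    try:
        raw = base64.b64decode(p, validate=True)
    except (binascii.Error, ValueError):
        return ('permerror', 'p= is not valid base64')
    if key_type not in supported:
        return ('permerror', 'unsupported key type %s' % key_type)
    if key_type == 'ed25519':
        if len(raw) != ED25519_PUBKEY_LEN:
            return ('permerror', 'ed25519 key must be %d bytes, got %d'
                    % (ED25519_PUBKEY_LEN, len(raw)))
        return ('ok', 'ed25519 key, %d bytes' % len(raw))
    # rsa: p= carries a DER SubjectPublicKeyInfo; its bit length is not
    # checked here, only that it decoded.
    return ('ok', 'rsa key, %d bytes of DER' % len(raw))


def signature_matches_record(sig_header, txt):
    """True if the a= algorithm in the signature uses the record's key type."""
    sig_key_type = parse_tags(sig_header).get('a', '').split('-', 1)[0]
    record_key_type = parse_tags(txt).get('k', 'rsa')
    return sig_key_type == record_key_type


if __name__ == '__main__':
    print(check_dkim_record(DKIM_TXT_RECORD))
    print(check_dkim_record(DKIM_TXT_RECORD, supported=('rsa',)))
    print(signature_matches_record(DKIM_SIGNATURE_HEADER, DKIM_TXT_RECORD))
```

Running the block shows the same record passing on a verifier that supports ed25519 and failing with permerror on one restricted to RSA; the sender can do nothing about the second case, which is why the mailbox provider's verifier, not the DNS record, is what needs fixing.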
The CNAME system is actually so we can handle key rotation automatically on behalf of our customers, not for length reasons.
Yes, I forgot that. However, the previous system was a disaster because the RSA record was way too long, and it was not broken into multiple lines, which prevented the DNS zone from being signed with DNSSEC.
Anyway, ProtonMail should not throw the ed25519-sha256 signed email to spam. (dkim=permerror)
And...what is the status here? Does PM support inbound or outbound emails with DKIM Ed25519-signatures? Or are we still in RSA land?
Any email which is signed with ed25519 DKIM signatures will be delivered directly to the spam folder which is pretty absurd.
@bartbutler