Re: any success with postfix + dkimpy-milter outbound DKIM signing -- with ed25519 keys?

PGNet Dev Mon, 26 Oct 2020 07:08:46 -0700

On 10/26/20 4:19 AM, Patrick Ben Koetter wrote:

There's only *one* SigningTable, but there are two KeyTables – one for rsa and
the other one for ed25519. Maybe you are using an older version of
dkimpy-milter. IIRC it had a related error in the man page.


oops, typo.

yep, I've one ST & 2 KTs, one each for rsa & ed25519

using latest available via pip, v1.2.2. can try master branch.

Yes. I use it on mailop.org.


thx!

ok. so it's local ...


how are you generating your ed25519 data?

for rsa, here, _either_ 'dknewkey' or 'openssl genrsa (etc)' works fine.

for the ed25519, i get different fails -- in error logs -- with 'dknewkey' or 
'openssl genpkey (etc)'.

atm, with 'dknewkey' generated data, on attempted ed25519 signing I'm seeing: 
"sign_dkim: The seed must be exactly 32 bytes long"

i know README says "in order to generate Ed25519 keys for dkimpy-milter, dkimpy 
specific tools
 must be used to be compatible
"


tho, i don't yet know _what_ the differences actually are ...

Re: any success with postfix + dkimpy-milter outbound DKIM signing -- with ed25519 keys?

Reply via email to