aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'dkim-ed25519-warn' into 'master'

Browse Source 
Warn about ED25519 DKIM usage

See merge request simple-nixos-mailserver/nixos-mailserver!473
This commit is contained in:
Martin Weinelt
2025-12-03 12:02:16 +00:00
parent 0d27ef2912 7d359e3ff5
commit 1ccd57f177
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
default.nix
+5
View File
@@ -999,6 +999,11 @@ in
description = '' description = ''
The key type used for generating DKIM keys. ED25519 was introduced in RFC6376 (2018). The key type used for generating DKIM keys. ED25519 was introduced in RFC6376 (2018).
:::{warning}
ED25519 DKIM keys are currently not recommended for primary use, as
various DKIM validators out there lack support and consider the keypair invalid.
:::
If you have already deployed a key with a different type than specified If you have already deployed a key with a different type than specified
here, then you should use a different selector ({option}`mailserver.dkimSelector`). In order to get here, then you should use a different selector ({option}`mailserver.dkimSelector`). In order to get
this package to generate a key with the new type, you will either have to this package to generate a key with the new type, you will either have to