> On 1 Aug 2021, at 1:21 am, Eric Germann via dns-operations > <[email protected]> wrote: > > > From: Eric Germann <[email protected]> > Subject: Registrars supporting ED25519 > Date: 1 August 2021 at 1:21:39 am AEST > To: [email protected] > > > I’m doing some work on my own test domains with ED25519. > > Does anyone know of any registers that support ED25519? > > Is there a list somewhere? >
On this topic, I note that Joao Damas and I tested the level of support for DNSSEC validation using ED25519 in May and June this year. The writeup of this measurement can be found at https://www.potaroo.net/ispcol/2021-06/eddi.html. At this stage a number of large ISPs that operate DNS services perform DNSSEC validation do not support this particular algorithm, and the level of support in DNSSEC-validators is in total some 50% of the level of support for RSA and ECDSA P-256. This may change in the future of course, but at this stage it does not appear to offer any compelling features that stand it apart from ECDSA P-256, and some significant differences in the lack of algorithm support in validating resolvers. Geoff _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
