A. Schulze

@kvspb Hello! Is there anything I could do to assist?

I tried the master branch after https://github.com/NLnetLabs/nsd/commit/1c1958473f8e8e138514658b7ff0569bdacf00b6 SVCB and HTTPS Support works so far, NSD could serve (my simple) records. But `nsd-checkzone` still fail to understand these records.

there are two known examples: `drinkerei.com` and `mirissima.de`, both hosted at [ns11|ns12].jimdo.com see also [this thread](https://lists.dns-oarc.net/pipermail/dns-operations/2021-January/020863.html)

meanwhile both domains fixed the nameserver ...

this would be valueable also for me

An expired signature has an other semantic than a messages that cannot be validated because of the missing public key. Yes, there is no huge difference. I see it more...

I write a program that consume email messages and extract xml_content https://andreasschulze.de/tmp/parse_emails_with_xml_data.py.txt this program read my corpus of ~12k reports I received and send over tha last years without errors....

@martinbogo I wonder, which "other supported hashalgs" you've in mind. I checked the [IANA registry](https://www.iana.org/assignments/dkim-parameters/dkim-parameters.xhtml#dkim-parameters-7) that list only sha1 (historic) and sha256 (active) But it may be possible, other hashalgs...

I learned this change would create an incomatible change. We like to avoid breaking changes. OK. @mskucherawy I've no detailed idea how to determine "SHA1 use, except when that's the...

no, don't do that. My branch `builder` is indented to be a "final result" for private purposes. I've to better document, which changed against `trusteddomainproject/opendmarc:develop` I applied. Then *this* changes...