diff --git a/admin/admin.go b/admin/admin.go
index 7c91463..296d039 100644
--- a/admin/admin.go
+++ b/admin/admin.go
@@ -192,14 +192,6 @@ func MakeDomainConfig(ctx context.Context, domain, hostname dns.Domain, accountN
 return nil
 }
- addEd25519 := func(name string) error {
- key, err := MakeDKIMEd25519Key(dns.Domain{ASCII: name}, domain)
- if err != nil {
- return fmt.Errorf("making dkim ed25519 private key: %s", err)
- }
- return addSelector("ed25519", name, key)
- }
-
 addRSA := func(name string) error {
 key, err := MakeDKIMRSAKey(dns.Domain{ASCII: name}, domain)
 if err != nil {
@@ -208,23 +200,17 @@ func MakeDomainConfig(ctx context.Context, domain, hostname dns.Domain, accountN
 return addSelector("rsa2048", name, key)
 }
- if err := addEd25519(year + "a"); err != nil {
+ if err := addRSA(year + "a"); err != nil {
 return config.Domain{}, nil, err
 }
 if err := addRSA(year + "b"); err != nil {
 return config.Domain{}, nil, err
 }
- if err := addEd25519(year + "c"); err != nil {
- return config.Domain{}, nil, err
- }
- if err := addRSA(year + "d"); err != nil {
- return config.Domain{}, nil, err
- }
 // We sign with the first two. In case they are misused, the switch to the other
 // keys is easy, just change the config. Operators should make the public key field
 // of the misused keys empty in the DNS records to disable the misused keys.
- confDKIM.Sign = []string{year + "a", year + "b"}
+ confDKIM.Sign = []string{year + "a"}
 confDomain := config.Domain{
 ClientSettingsDomain: "mail." + domain.Name(),
diff --git a/webadmin/admin.go b/webadmin/admin.go
index 824566b..6b92194 100644
--- a/webadmin/admin.go
+++ b/webadmin/admin.go
@@ -1046,12 +1046,7 @@ EOF
 defer wg.Done()
 var missing []string
- var haveEd25519 bool
 for sel, selc := range domConf.DKIM.Selectors {
- if _, ok := selc.Key.(ed25519.PrivateKey); ok {
- haveEd25519 = true
- }
-
 _, record, txt, _, err := dkim.Lookup(ctx, log.Logger, resolver, selc.Domain, domain)
 if err != nil {
 missing = append(missing, sel)
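Review bot: The comment kept above `confDKIM.Sign` in the second admin/admin.go hunk (`@@ -208,23 +200,17 @@`) still says "We sign with the first two", but the new line signs with `year + "a"` only and just two selectors are now generated. It should be reworded, for example `// We sign with the first key only. If it is misused, switching to the second key is easy, just change the config.`, keeping the sentence about emptying the public key field in DNS. Both remaining selectors go through `addRSA` (labelled `rsa2048`), so the spare no longer differs in algorithm from the signing key; if that is deliberate, a short why-comment next to the two `addRSA` calls would tell operators so. MakeDomainConfig starts and ends outside the hunk.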
@@ -1090,8 +1085,6 @@ EOF
 }
 if len(domConf.DKIM.Selectors) == 0 {
 addf(&r.DKIM.Errors, "No DKIM configuration, add a key to the configuration file, and instructions for DNS records will appear here.")
- } else if !haveEd25519 {
- addf(&r.DKIM.Warnings, "Consider adding an ed25519 key: the keys are smaller, the cryptography faster and more modern.")
 }
 instr := ""
 for _, sel := range missing {