Update README and Changelog for release.

ChangeLog

@@ -1,14 +1,14 @@
-UNRELEASED Version 0.7.0
+2018-02-07 Version 0.7.0
-    - Initial ed25519 implementation based on draft-ietf-dcrup-dkim-crypto-08
+    - Initial ed25519 implementation based on draft-ietf-dcrup-dkim-crypto
-      experimental - IETF draft, design not finalized
+      experimental - IETF draft, design not finalized, See README for details
     - Port dkimsign.py to use argparse; now gives standard usage message and
       is more extensible
     - Add command line options to dkimsign.py to select header and body
       canonicalization algorithmns (LP: #1272724)
     - Add command line option to dkimsign.py to select signing algorithm
     - For dknewkey.py make default to include h=sha256 in the DNS record to
-      exclude usage with sha1.  Can be overriden.
+      exclude usage with sha1.  Can be overriden
-    - Update ARC processing to current draft.
+    - Update ARC processing to current draft
     - Fix arcverify tag requirements (LP: #1710312)
     - Fix empty body canonicalization for relaxed canonicalization (LP: #1727319)
        * Thanks to Matthew Palmer for the report and the proposed fix

README

@@ -94,6 +94,15 @@ verifying rsa-sha1 signatures.  There are still some significant users of
 rsa-sha1 signatures, so operationally it's premature to disable verification
 of rsa-sha1.
 
+As of version 0.7, experimental signing and verifying of DKIM Ed25519
+signatures is supported as described in draft-ietf-dcrup-dkim-crypto:
+
+https://datatracker.ietf.org/doc/draft-ietf-dcrup-dkim-crypto/
+
+The dkimpy 0.7 implementation matches the -08 revision of the draft, except it
+uses Ed25519 vice Ed25519ph (a change to Ed25519 is planned for -09, but that
+had not been published yet as of the release of dkimpy 0.7).
+
 Three helper programs are also supplied: dknewkey.py, dkimsign.py and
 dkimverify.py.