Paul Hoffman wrote:
Interesting issues; see below.
At 4:54 PM -0800 3/30/06, Jim Fenton wrote:
> The hash is computed using the hash algorithm
> that is used in the signing algorithm (taken from the "a=" tag),
using "simple" header canonicalization on the DKIM-Signature
I believe that some signer and verifier APIs have trouble handling
"simple" canonicalization because they don't present the whole header
field. It may be problematic to mandate "simple" here; why not use the
same header canonicalization specified for the signature?
I'm open to that change; I thought "simple" was the easiest, but maybe
not. How do others feel about this?
My experience doing interop testing says to stay away from simple as
much as possible. It doesn't interop well.
NOTE WELL: This list operates according to