On 10/15/10 8:40 AM, Mark Delany wrote:
Yes, it does. The only question is to devise normative statements
correctly, e.g. MUST duplicate "From", SHOULD duplicate the rest.
This is _not_ a kludge. It is how DKIM signing works (Section 5.4).
Are we worried about wasting 100~200 bytes per signature? (I get ~4Kb
headers nowadays, so that is about 3% of it.) Introducing an
abbreviation --e.g. an h2 tag-- is considerably clearer from an
algorithm developer's POV.
Well, if you want to introduce semantic changes why not just change
the meaning of h=from:to: to be semantically identical to
Old verifiers still work as well as they do today, new verifiers work
better and virtually all existing signers still work (excepting those
that sign a subset of legitimately repeating headers - which must be
In either cases, the implementation changes are about the same, but
the spec is simpler.
Agreed. But use of the h=from:from prevents one mode of exploitation,
because this requirement until now had not been made explicit.
NOTE WELL: This list operates according to