On Wed, 13 Jun 2007, Eric Allman wrote:
Ah. I think the problem is that you need to append the \r\n on b=
before you sign. You're adding it after signing.
Actually the CRLF should not be there when you feed the header to
canonicalization (RFC4871 3.7). Therefore the algorithm you presented
appears to be correct, but that's not code or actual data so it's hard to
say what's actually gone wrong.
If you send a test message to sa-test(_at_)sendmail(_dot_)net and have a DK-style
policy published with a special flag set, our auto-responder will reply to
you with the canonicalizations it generated when receiving your message.
When you get those back, you can diff what we saw against what you sent
and figure out what's gone wrong.
The special flag is "r=", e.g.:
t=y; o=~; r=user(_at_)domain
...will cause a failure report to be sent to "user(_at_)domain".
--
Murray S. Kucherawy =========================================
msk(_at_)sendmail(_dot_)com
Principal Engineer Sendmail, Inc. Emeryville, CA, USA
(510) 594-5400 http://www.sendmail.com
_______________________________________________
dkim-dev mailing list
dkim-dev(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-dev