ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Not exactly not a threat analysis

2005-08-17 12:22:01
from [Earl Hood] [Permanent Link] 
On August 17, 2005 at 19:29, Tony Finch wrote:


How do you look for the first signature that matters?  If the first
(however you decide to examine the message headers -- top-to-bottom,
bottom-to-top, random?)  DKIM-Signature lists another DKIM-Signature
as the list of fields included in the signature, which DKIM-Signature
field should be included during the crypto verification process?


The DKIM-Signature field which lists one fewer DKIM-Signature field in its
list of signed header fields.


This assumes that a signer will always sign all existing DKIM-Signature
fields present and that re-ordering has not happened.

--ewh
_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Not exactly not a threat analysis, Keith Moore
Next by Date:  Re: [ietf-dkim] Not exactly not a threat analysis, Michael Thomas
Previous by Thread:  Re: [ietf-dkim] Not exactly not a threat analysis, Tony Finch
Next by Thread:  Re: [ietf-dkim] Not exactly not a threat analysis, John Levine
Indexes:  [Date] [Thread] [Top] [All Lists]