Which is just the opposite of what I expected. I'm willing to change my
implementation to use this interpretation instead, but I think this
clarification by itself is reason enough to get a -02 out as quickly as
possible.
Tony Hansen
tony(_at_)att(_dot_)com
Murray S. Kucherawy wrote:
Tony Hansen wrote:
This paragraph should be ignored completely. It should have been
removed.
...
The signature in -00 was generated from "header CRLF body CRLF
dkim-signature". Now I expect it to be generated from "header CRLF
dkim-signature". That is, the "body CRLF" disappears, but not *both*
CRLFs.
Am I wrong?
My understanding after talking to Eric:
The body hash is of the body only; no extra CRLFs and no signature.
The header hash contains the headers to be signed (if signing) or the
headers replayed according to the "h=" tag value (if verifying),
followed by the signature being evaluated (if verifying) or generated
(if signing) minus the "b=" value. Again, no extra CRLFs.
_______________________________________________
dkim-dev mailing list
dkim-dev(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-dev