ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] z= question with X headers

2006-04-28 13:40:24

On Fri, 28 Apr 2006, Eric Allman wrote:

The z= tag is only supposed to be used for "diagnostic purposes",
not for  computing the hash.  Changing that would have major
implications that we  would have to examine very carefully.

So if mail list changed Subject header field (and for purposes of
this question did not add other fields or changed content data) and
there was a signature in message before that contained original
Subject in the 'z' tag AND now message got to verifying agent -
that agent is supposed to say the signature is invalid rather then
use data from 'z' tag to attempt to verify the signature?

Yes.  The mailing list should have re-signed the message.

Hm. I've a certain suspicion that there would be a number of
implementations that will purposely not comply with your draft...

--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html