ietf-dkim

[ietf-dkim] draft-ietf-dkim-base-02 //a= algorithm ABNF

2006-06-05 01:23:52

,---
| a=   The algorithm used to generate the signature (plain-text;
|     REQUIRED).  Verifiers MUST support "rsa-sha1" and "rsa-sha256";
|     signers SHOULD sign using "rsa-sha256".  See Section 3.3 for a
|     description of algorithms.
|
|    ABNF:
|
|   sig-a-tag       = %x61 [FWS] "=" [FWS] sig-a-tag-alg
|   sig-a-tag-alg   = "rsa-sha1" / "rsa-sha256" / x-sig-a-tag-alg
|   x-sig-a-tag-alg = hyphenated-word   ; for later extension
'---

The ABNF structure does not provide a clear indication where the key and
hash information will be placed in future definitions.  This information
is needed when splitting out hash and key elements for comparison within
the key k= and h= values.  This definition may better prevent algorithm
spoof exploits.

Change to:

: ABNF:
:
:   sig-a-tag       = %x61 [FWS] "=" [FWS] sig-a-tag-alg
:   sig-a-tag-alg   = sig-a-tag-k "-" sig-a-tag-h
:   sig-a-tag-k     = "rsa" / x-sig-a-tag-k
:   sig-a-tag-h     = "sha1" / "sha256" / x-sig-a-tag-h
:   x-sig-a-tag-k   = ALPHA *(ALPHA / DIGIT)  ; for future key types
:   x-sig-a-tag-h   = ALPHA *(ALPHA / DIGIT)  ; for future hash types

-Doug

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
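
A verifier-side sketch of the comparison the message describes, added here as an example and not part of the original post or of any DKIM implementation: it splits a= on the proposed key "-" hash form and checks each half against the key record's k= and h=. The function names and the sample key record are constructed; the colon-separated h= list and the k= default of "rsa" are assumptions taken from the published DKIM specification, not from this page.

```python
import re

# Token shape from the proposed ABNF: ALPHA *(ALPHA / DIGIT)
_TOKEN = r"[A-Za-z][A-Za-z0-9]*"
# sig-a-tag-alg = sig-a-tag-k "-" sig-a-tag-h (exactly one hyphen)
_SIG_A = re.compile(rf"({_TOKEN})-({_TOKEN})")

SUPPORTED = {("rsa", "sha1"), ("rsa", "sha256")}  # pairs named on the page


def split_sig_alg(value):
    """Split an a= value into (key_type, hash); raise ValueError if malformed."""
    m = _SIG_A.fullmatch(value.strip(" \t"))
    if m is None:
        raise ValueError(f"malformed a= value: {value!r}")
    return m.group(1).lower(), m.group(2).lower()


def parse_key_record(record):
    """Return (k, allowed_hashes) from a key record; None means h= is absent."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip()] = val.strip()
    k = tags.get("k", "rsa").lower()  # assumption: k= defaults to "rsa"
    h = tags.get("h")
    allowed = None if h is None else {x.strip().lower() for x in h.split(":")}
    return k, allowed


def check_algorithm(sig_a, key_record):
    """Return (ok, reason) comparing the signature's a= with the key's k=/h=."""
    try:
        key_type, hash_alg = split_sig_alg(sig_a)
    except ValueError as exc:
        return False, str(exc)
    if (key_type, hash_alg) not in SUPPORTED:
        return False, f"unsupported algorithm {key_type}-{hash_alg}"
    k, allowed = parse_key_record(key_record)
    if key_type != k:
        return False, f"key type {key_type} does not match k={k}"
    if allowed is not None and hash_alg not in allowed:
        return False, f"hash {hash_alg} not permitted by h="
    return True, "ok"


# Constructed key record with placeholder key data, not taken from the page.
KEY_RECORD = "v=DKIM1; k=rsa; h=sha256; p=PLACEHOLDER"
```

With the single-hyphen form, a value such as "rsa-sha-256" is rejected as malformed instead of being split at an arbitrary hyphen.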
