If the verifier doesn't like the l= tag, they should just reject the
signature, rather than bother doing the math to verify it.
Don't do that. In the presumably common case where the message hasn't
had anything added to it in transit, you ignore l= and the signature
verifies just fine. I suppose as a microoptimization you could
prescan the body and fail if the length is wrong.
Perhaps we need to more globally describe what we mean by "ignore the
tag", since paragraph 9 of section 3.2 says, "Unrecognized tags MUST be
ignored." In that case, what we want to say is that the verifier MUST
not take action on the tag, but MUST include it in the hash calculation
for this DKIM-Signature header field. Do we need to spell this out?
I hope not. Anyone who can't figure that out is unlikely to implement
a working verifier no matter what we tell them.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html