Hi Hector,
Not that I follow this entire thread (anyone like to summarise?)
but just on this point:
Hector Santos wrote:
Question:
If it not possible to have a complete stripping of the CR/LF for hashing
purposes? That would address this particular mixed bag EOL issue for both
the signer and verifier.
I believe from a security standpoint that this is not as secure as a SIMPLE.
So maybe we can two hashes:
- a hash that is part of the signature using a STRIP canonicalization,
- a hash of the original body,
The gives the verifier two new capabilities:
- It will increase hash repeatability using the STRIP method, and
- It provides a way to check for original mail integrity changes.
This can produce an interesting result with the DKIM signature calculated as
valid but with feedback that the originality of the message has change.
Given our current definition of "bh=" isn't this just the same
as inventing a new "eat all CR/LF" c14n alg. and including
two signatures - one with simple for the body and one with
the new c14n for the body?
I also think that the putative "eat all CR/LF" c14n might be
hard to get approved, given the obvious vulnerabilities it'd
create.
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html