On Tue, 19 Dec 2006 19:49:48 -0000, Michael Thomas <mike(_at_)mtcc(_dot_)com>
wrote:
My previous implementation did the same as Arvel's (given his recent
mail), which is the same thing that I think that Murray's is doing. But
to be pedantic:
null body:
Last-header: foo<crlf>
<crlf>
l=2; canon-body: <crlf>
single crlf:
Last-header: foo<crlf>
<crlf>
<crlf>
l=2; canon-body: <crlf>
two trailing crlf's
Last-header: foo<crlf>
<crlf>
<crlf>
<crlf>
l=2; canon-body: <crlf>
No, I don't think that is what Tony was claiming the majority of
implementations did (I think it is what the current wording says to do,
but I think Tony was saying all those should result in an empty body to be
hashed).
Anyway, here is some wording:
The "simple" body canonicalization removes empty lines from the end of
the
body until either the last line is non-empty, or no lines remain. An
empty
line is a line of zero length after removal of any terminating CRLF. If
the body is not now empty and the last line is not already terminated by
CRLF, a CRLF is added to it.
INFORMATIVE NOTE: Following [RFC 2822}, the CRLF which separates the
header fields from the body is NOT part of the body, and therefore is
never presented to the signing or verification algorithm. In the case
of a pure binary message (such as one with a
Content-Transfer-Encoding
of 'binary') the concept of "lines" may not be meaningful.
Nevertheless,
wherever the pair of octets that represent CRLF happens to occur,
that
is to be considered as the end of a "line" for the purposes of this
canonicalization algorithm.
Now, you are all invited to find some way of misinterpreting that :-).
Next, for body length counts which, as I now see from 3.4.5, are to be
applied _after_ canonicalization. (BTW, I misinterpreted those counts as
line counts rather than byte counts in an earlier message).
Here is another example to amuse you:
Last-header: foobarCRLF
CRLF
----------------
12345678CRLF
12345678CRLF
12345678
----------------
Now sign that with l=29 :-)
(don't forget to add the CRLF to the last line first)
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html