Charles Lindsey wrote:
On Mon, 22 Jan 2007 15:49:49 -0000, Eric Allman <eric+dkim(_at_)sendmail(_dot_)org>
wrote:
The revised wording achieves what it was intended to achieve,
namely that an empty/absent <body> result in a single <CRLF> to be
hashed.
What is not clear is WHY this alternative was chosen (as opposed to
letting it result in an empty <body>).
I could easily envision a situation where a completely empty body got
sent via BDAT to an intermediate MTA that had to convert it to DATA
format for retransmission. It wasn't hard to make a guess that some
such MTAs might a CRLF before the final dot. It's not likely, but
possible, and canonicalizing in this way prevents that problem.
Well that is a reason worth considering (more than can be said of
Hector's confused arguments).
Snob! What is so confusing about it? You are the only one confused here
with this on going not stop complaining of the SIMPLE c14n empty hashing.
But I would have though that a BDAT ->
DATA converter would simply have rendered an emtpy bid as an absent body
(which is perfectly possible under RFC 2821). So not a very strong
argument.
Oh stop it already. The specs in this regard is fine. The only thing
that is missing to resolve this security issue is a KEY attribute that
defines the intentions of the signer for partial hashing. If the
signer is concern about it, it should never define a l= tag. Otherwise,
he would run into l=2 problems. If you don't understand that, thats your
problem.
===
HLS
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html