Re: [ietf-dkim] Escaping things in key/ADSP records

John Levine wrote:

It is certainly the kind of bug that occurs in PHP scripts when the
programmer doesn't perfectly understand the quoting rules.  It\'s happened
to me.


I'm collecting a set of common mistakes breaking DKIM signatures.

Mentioning a web interface to DNS and PHP brings the following to mind:

$ host -t txt default._domainkey.biofeedbackinternational.com
 "k=rsa\;
  p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAOr7pvAlT3y3qLf3zusWTjo5xI8yHSoj
  rS0nq bYpD1wEwroTAoqMOy2laMFEVC2Wr7G 0GAMN9XkH5dpBQQtnFj REbwc6sku
  6NJGPRB  IzNW iHrZ bcOtrHBgudeWwIDAQAB\;"

Note that each '+' in a published base64-encoded p tag has been
converted into a space, as per URI decoding rules. Naturally their
signatures fail, but nobody cares.

  Mark

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] [dkim-ops] Q: "dkim=discardable", Douglas Otis

Next by Date:

Re: [ietf-dkim] [dkim-ops] Q: "dkim=discardable", Stephen Farrell

Previous by Thread:

Re: [ietf-dkim] Escaping things in key/ADSP records, John Levine

Next by Thread:

[ietf-dkim] Re-send: Considerations for rechartering, Murray S. Kucherawy

Indexes:

[Date] [Thread] [Top] [All Lists]