Unfortunately, this does not solve the problem. The 8bit-MIME to
7bit conversion as required(*) in RFC 1652 replaces the entire
message body, and therefore it invalidates DKIM signatures even
when the Content-Transfer-Encoding header is not signed.
Well, I thought the canonicalization would reduce the encoding problems
but I didn't check this.
This might be a good time to reread 4871. It's not all that long.
I expect if a redesign of DKIM would take place an improved
canonicalization method could solve this problem?
We discussed this and basically decided that no, we're not going to
try to understand MIME. There's all sorts of stuff a helpful MTA
might do to a message, e.g., reorder the MIME parts, and any canonical
representation that tried to deal with them would be impossibly
complex.
If you want to maximize the chances that your signed message arrives
intact, downcode it to something in seven bits before you sign it.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html