ietf-dkim

Re: [ietf-dkim] Postfix: change of Content-Transfer-Encoding breaks DKIM signature / RFC recommendation

2009-03-26 07:56:31
On Wed, 25 Mar 2009 21:55:48 -0000, Florian Sager <sager(_at_)agitos(_dot_)de> wrote:

According to the mails below the RFC compliant change of content
encoding in MTA-forwarding may break signatures that follow the RFC 4871
recommendation to include header "Content-Transfer-Encoding" in the
signature. This header should be removed from section 5.5. Recommended
Signature Content (The following header fields SHOULD be included in the
signature ...).


Unfortunately, this does not solve the problem.  The 8bit-MIME to
7bit conversion as required(*) in RFC 1652 replaces the entire
message body, and therefore it invalidates DKIM signatures even
when the Content-Transfer-Encoding header is not signed.

Well, I thought the canonicalization would reduce the encoding problems
but I didn't check this.
I expect if a redesign of DKIM would take place an improved
canonicalization method could solve this problem?

Indeed, I pointed this out when I first joined this list, but it was too
late for inclusion in our draft at that time (though the Chair did suggest
I should write up a draft for an enhancement, and it could indeed be done
if/when we do a full -bis).

There are details of my canonicalization at
http://www.cs.man.ac.uk/~chl/uncode/uncode.html



-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                          Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
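
The point made in the thread, that an 8bit-to-7bit conversion replaces the body and so invalidates the signature whether or not Content-Transfer-Encoding is signed, can be checked with the following added example (not code from the thread or from any DKIM implementation). It computes the `bh=` value over a constructed sample body before and after a quoted-printable downgrade; `decode_first_hash` is a hypothetical sketch of a canonicalization that undoes the transfer encoding before hashing, and is not the scheme described at the URL above.

```python
import base64
import hashlib
import quopri
import re

CRLF = b"\r\n"

def relaxed_body(body: bytes) -> bytes:
    """'relaxed' body canonicalization (RFC 4871, section 3.4.4)."""
    # Collapse runs of WSP to one SP and drop whitespace at the end of each line.
    lines = [re.sub(rb"[ \t]+", b" ", l).rstrip(b" ") for l in body.split(CRLF)]
    while lines and lines[-1] == b"":   # ignore empty lines at the end of the body
        lines.pop()
    return b"".join(l + CRLF for l in lines)

def body_hash(body: bytes) -> str:
    """Value a signer would put in bh= (SHA-256 over the relaxed body)."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def to_7bit(body: bytes) -> bytes:
    """What a downgrading relay does: re-encode each line as quoted-printable."""
    return CRLF.join(quopri.encodestring(l) for l in body.split(CRLF))

def decode_first_hash(body: bytes, cte: str) -> str:
    """Hypothetical canonicalization: undo the transfer encoding, then hash."""
    if cte.lower() == "quoted-printable":
        body = CRLF.join(quopri.decodestring(l) for l in body.split(CRLF))
    return body_hash(body)

# Constructed sample body, as signed by the originating system (8bit UTF-8).
BODY_8BIT = "Grüße aus München\r\nThis body was signed as 8bit.\r\n".encode("utf-8")
# The same content after a relay converted it for a 7bit-only next hop.
BODY_7BIT = to_7bit(BODY_8BIT)

if __name__ == "__main__":
    print("bh at signer        :", body_hash(BODY_8BIT))
    print("bh at verifier      :", body_hash(BODY_7BIT))
    print("decode-first, signer:", decode_first_hash(BODY_8BIT, "8bit"))
    print("decode-first, verif.:", decode_first_hash(BODY_7BIT, "quoted-printable"))
```

No header field is involved in the first two values, so removing Content-Transfer-Encoding from the signed header list cannot make them agree.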