-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I would argue that your specification of l=100 when the actual
message size is 10K is intentional breakage of your own signature.
I mean that the body hash covers the first 100 bytes of the body, and
doesn't cover the other 9900 bytes.
The question remains: given a message with such a signature, which is
entirely valid in the current DKIM, what will a recipient system do
with it? What will users see? Ask ten people, get ten answers, which
is about as far from interoperable as you can get.
Well. I don't think it's quite that bad.
In the spec, we give non-normative guidance that the most correct
thing would be to lop that extra 9900 bytes off.
There are a number of other questions that are important for product
design that are unimportant at the protocol level. Should you tell the
user that stuff was trimmed? Put the trimmed text in an attachment so
they can see it?
If it were me -- I would treat all valid-signed messages of l=N to be
precisely N bytes long and discard everything else. But gentlepersons
can disagree.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII
wj8DBQFKJaBOsTedWZOD3gYRAl1AAJ9SYyw2bDBGLMwT3zINhJNPuMC+uQCfbWfC
0Za1ub4yX96E3OsUexYaD6g=
=ldlo
-----END PGP SIGNATURE-----
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html