ietf-dkim
[Top] [All Lists]

[ietf-dkim] Interesting Dupe Signatures

2009-10-31 13:48:52
Working on a DKIM stats log analyzer, I found some facebookmail.com 
notification messages with two duplicate DKIM signatures.

DKIM-Signature: v=1; a=rsa-sha1; d=facebookmail.com; s=q1-2009b;
         c=relaxed/relaxed;
        q=dns/txt; i=(_at_)facebookmail(_dot_)com; t=1256981485;
        h=From:Subject:Date:To:MIME-Version:Content-Type;
        bh=uFmzuYhiBd82ctm8i9mPRevatL4=;
   b=m4nhlG7A0JxZnEWa6DQza0oMghkv6CI+vNM41hY7tipGHfvj6EXCpXaFFGuV/xgj
        Zut8syylO1s4qASiqCWBaQ==;
DKIM-Signature: v=1; a=rsa-sha1; d=facebookmail.com; s=q1-2009b;
         c=relaxed/relaxed;
        q=dns/txt; i=(_at_)facebookmail(_dot_)com; t=1256981485;
        h=From:Subject:Date:To:MIME-Version:Content-Type;
        bh=uFmzuYhiBd82ctm8i9mPRevatL4=;
   b=m4nhlG7A0JxZnEWa6DQza0oMghkv6CI+vNM41hY7tipGHfvj6EXCpXaFFGuV/xgj
        Zut8syylO1s4qASiqCWBaQ==;

I don't see a difference.

I'm sure this is probably minor, but with "tons" of fb notifications 
coming into users machines, short circuiting redundant hash 
verification probably has some merit.

How should it be handled?  Should logic be added to see if the bh= or 
b= base64 hash was already processed?

Is this something that should be reported to Facebook?

--
HLS

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>