ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Clarification needed for "Computing the Message Hashes"

2010-05-06 11:35:37
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Michael Ströder
Sent: Thursday, May 06, 2010 4:51 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] Clarification needed for "Computing the Message
Hashes"

HI!

I wondered about a sentence in section 3.7. of RFC 4871:

   [..] The header field MUST be presented to
   the hash algorithm after the body of the message rather than with
the
   rest of the header fields and [..]

http://www.dkim.org/specs/rfc4871-dkimbase.html#hashing

What does "the body of the message" mean exactly? The 1. body-hash or
really
2. the whole message body (again)?

The more formal description implies 1.:

    body-hash = hash-alg(canon_body)
    header-hash = hash-alg(canon_header || DKIM-SIG)
    signature = sig-alg(header-hash, key)

You're computing two hashes.  The first is a hash over the signed header fields 
(which gets stored in the "bh="), and the second is over the body followed by 
the (incomplete) DKIM-Signature header field.


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>