-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Michael Ströder
Sent: Thursday, May 06, 2010 4:51 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] Clarification needed for "Computing the Message
Hashes"
HI!
I wondered about a sentence in section 3.7. of RFC 4871:
[..] The header field MUST be presented to
the hash algorithm after the body of the message rather than with
the
rest of the header fields and [..]
http://www.dkim.org/specs/rfc4871-dkimbase.html#hashing
What does "the body of the message" mean exactly? The 1. body-hash or
really
2. the whole message body (again)?
The more formal description implies 1.:
body-hash = hash-alg(canon_body)
header-hash = hash-alg(canon_header || DKIM-SIG)
signature = sig-alg(header-hash, key)
You're computing two hashes. The first is a hash over the signed header fields
(which gets stored in the "bh="), and the second is over the body followed by
the (incomplete) DKIM-Signature header field.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html