-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Alessandro Vesely
Sent: Tuesday, May 17, 2011 9:53 AM
To: <ietf-dkim(_at_)mipassoc(_dot_)org>
Subject: [ietf-dkim] Section 3.7 s/content-hash/body-hash/?

Version -10 says

   More formally, pseudo-code for the signature algorithm is:

   body-hash = hash-alg (canon-body, l-param)
   data-hash = hash-alg (h-headers, D-SIG, content-hash)
   signature = sig-alg (d-domain, selector, data-hash)

   where:

   body-hash:  is the output from hashing the body, using hash-alg.

Shouldn't it say

   More formally, pseudo-code for the signature algorithm is:

   body-hash = hash-alg (canon-body limited by l-param)
   data-hash = hash-alg (h-headers, D-SIG with body-hash)
   signature = sig-alg (d-domain, selector, data-hash)

   where:

   body-hash:  is the output from hashing the body, using hash-alg.
               It is set as the value of the bh= tag in D-SIG for computing
               the data-hash.

I think this should be limited only to change "content-hash" to "body-hash" in
the "data-hash" line, which is correct.

The remaining changes are inconsistent with the rest of the section or don't
clarify anything. For example, the "hash-alg" function on the body-hash line
takes the canonicalized body and the l-param as inputs, and produces the
body-hash. Thus, that expression is correct as-is.
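
The first two lines of the pseudo-code discussed above, worked through as an added example (not part of either message and not text from the draft). It assumes SHA-256 as hash-alg and "simple" canonicalization for both headers and body; the message, domain and selector are constructed, and the sig-alg step is left out because it needs the signer's private key.

```python
import base64
import hashlib

CRLF = b"\r\n"

def canon_body_simple(body: bytes) -> bytes:
    """'simple' body canonicalization: drop trailing empty lines, end with one CRLF."""
    while body.endswith(CRLF + CRLF):
        body = body[:-2]
    return body if body.endswith(CRLF) else body + CRLF

def body_hash(body: bytes, l_param=None) -> str:
    """body-hash = hash-alg(canon-body, l-param), returned as the base64 bh= value."""
    canon = canon_body_simple(body)
    if l_param is not None:
        if l_param > len(canon):
            raise ValueError("l= exceeds the canonicalized body length")
        canon = canon[:l_param]  # only the first l octets are covered
    return base64.b64encode(hashlib.sha256(canon).digest()).decode()

def data_hash(headers, h_names, dsig_template: str, bh: str) -> bytes:
    """data-hash = hash-alg(h-headers, D-SIG with bh= set and b= empty)."""
    remaining = list(headers)  # (name, raw header line) pairs in message order
    h = hashlib.sha256()
    for name in h_names:
        # Each h= entry consumes the last not-yet-used instance of that header.
        for i in range(len(remaining) - 1, -1, -1):
            if remaining[i][0].lower() == name.lower():
                h.update(remaining.pop(i)[1] + CRLF)
                break
    # D-SIG goes in last, with an empty b= value and no trailing CRLF.
    h.update(dsig_template.format(bh=bh).encode())
    return h.digest()

# Constructed sample message and signature parameters (not from the thread).
HEADERS = [("From", b"From: alice@example.org"), ("Subject", b"Subject: test")]
BODY = b"Hello\r\nworld\r\n\r\n\r\n"
DSIG = ("DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=example.org; "
        "s=sel1; h=from:subject; l=7; bh={bh}; b=")

def demo():
    bh = body_hash(BODY, 7)  # l=7 covers only b"Hello\r\n"
    return bh, data_hash(HEADERS, ["from", "subject"], DSIG, bh)

if __name__ == "__main__":
    bh, dh = demo()
    print("bh =", bh)
    print("data-hash =", dh.hex())
```

The body-hash reaches the data-hash only through the bh= tag inside D-SIG, so changing l= changes bh= and therefore the data-hash that gets signed.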