[Top] [All Lists]

Re: [ietf-dkim] versions, Where is the formal definition of DKIM-Signature?

2018-02-09 16:33:31
In article 
Mark Delany <sx6un-fcsr7(_at_)qmda(_dot_)emu(_dot_)st> wrote:
Oh I dunno. The precedent of RFC822 - the very standard we rely on - has
survived numerous upgraded and enhancements over a 36 year period and managed
to do just fine without a version.

RFC 822 may not have versions but 821/2821/5321 sure do.

As soon as 2821 added EHLO, SMTP got service extensions and pretty
much by their nature, those extensions are not backward compatible.

Well-known examples are 8BITMIME and SMTPUTF8.  If you have a message that needs
one of those and the server you're trying to send it to doesn't support the
extension, you lose, the message bounces.  (A sending host might try to rewrite
MIME bodies to avoid 8BITMIME but it's a long time since I've seen anyone try
that, and it'd break DKIM signatures, so it probably wouldn't help.)

Nonetheless, we seem to have survived.

The DKIM v=2 hack I proposed is a lot like SMTP extensions in that if
your signature doesn't need the new semantics, don't ask for them, so
you should sign with v=1, so the old and new will coexist forever.
Since they can easily be handled by the same signing and verifying
libraries, that's not a problem.
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet for 
Please consider the environment before reading this e-mail.

NOTE WELL: This list operates according to