ietf-mailsig
[Top] [All Lists]

Re: Better DKIM Verification Example Needed

2005-07-27 14:46:24

On July 27, 2005 at 16:25, "Arvel Hathcock" wrote:

One clarification on that.  If b= is the last tag in the signature (as 
recommended by the spec) then you don't need the ; at the end and it should 
just be b= rather than b=;.   The semicolon is required when there are other 
tags afterward.  If b= is the last tag then the ; is not strictly required. 
It's not entirely clear whether a ; char following the last tag in a 
signature would hash out in such a way as to cause a problem.  We need to 
test this and post back the results.

I asked about how the b= is handled in my first post commenting
about the DKIM draft:

    Why isn't the signature data provided in its own separate
    header field to avoid having to extract out the sig data
    first and dealing with ambiguities of whitespace?  For example,
    is the whitespace before and after the "b=" tag also removed,
    or only the whitespace after (or before)?

I never saw an answer to this question.

IMO, it is much cleaner to have the signature in its own header
field so header field canonicalization is uniform across all
fields.

If such a change will not happen due to whatever reasons, then the
canonicalization of the DKIM-Signature field should be explained
*in detail*, especially wrt to "removing" b= and how surrounding
whitespace and/or semicolon is handled.

Note, the semicolon should either be required after each tag=value
or left out.  I see no reason why such variation in syntax is needed;
it makes canonicalization of DKIM-Signature more complicated.

--ewh

<Prev in Thread] Current Thread [Next in Thread>