In article <F5A0D1E3B5FC14EEFBB6C7E7@PSB> you write:
skipping over all the parts I agree with ...
... When the EAI WG was
doing that work, it was clear that interactions with DKIM were
unspecified and fairly clear that DKIM was not going to work
with such addresses and message headers without some careful
thinking and specification adjustments. ...
DKIM turns out to be OK on SMTPUTF8 mail. So long as you do the DKIM
signing after all of the cleanup that submission does, the signatures
are fine. If something later recodes or reorders body parts, the
signatures will break, but that's hardly unique to EAI. DKIM has some
optional canonicalization rules for computing the hashes which turn
out to be useless. Hashes using the complicated fuzzy rules don't
work any better than the simple rule that says hash everything
verbatim except drop blank lines at the end of the message.
I have a tiny draft in process that says that in DKIM signature
headers in SMTPUTF8 messages, store IDNs as U-labels but that's not a
big deal. If someone uses A-labels anyway, it should still work.
ietf-smtp mailing list