[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Better DKIM Verification Example Needed
On July 27, 2005 at 16:25, "Arvel Hathcock" wrote:
> One clarification on that. If b= is the last tag in the signature (as
> recommended by the spec) then you don't need the ; at the end and it should
> just be b= rather than b=;. The semicolon is required when there are other
> tags afterward. If b= is the last tag then the ; is not strictly required.
> It's not entirely clear whether a ; char following the last tag in a
> signature would hash out in such a way as to cause a problem. We need to
> test this and post back the results.
I asked about how the b= is handled in my first post commenting
about the DKIM draft:
Why isn't the signature data provided in its own separate
header field to avoid having to extract out the sig data
first and dealing with ambiguities of whitespace? For example,
is the whitespace before and after the "b=" tag also removed,
or only the whitespace after (or before)?
I never saw an answer to this question.
IMO, it is much cleaner to have the signature in its own header
field so header field canonicalization is uniform across all
If such a change will not happen due to whatever reasons, then the
canonicalization of the DKIM-Signature field should be explained
*in detail*, especially wrt to "removing" b= and how surrounding
whitespace and/or semicolon is handled.
Note, the semicolon should either be required after each tag=value
or left out. I see no reason why such variation in syntax is needed;
it makes canonicalization of DKIM-Signature more complicated.