[dkim-dev] Choosing sets of headers to sign
Dave Crocker
dhc at dcrocker.net
Fri Jan 12 14:32:06 PST 2007
Murray S. Kucherawy wrote:
> On Thu, 11 Jan 2007, Dave Crocker wrote:
>> 1. How are folks deciding what fields to sign?
>
> Our current implementation signs all headers by default, but you can
> select your own list as an override. However, it will always include
> From, Date, Subject, Sender, Resent-From, Resent-Sender, and all
> Content-* headers regardless of the list you give it. I came up with
> that set on my own.
>
> I'd have to think about it for a while to recall why that particular
> list was chosen.
It will probably be worth documenting that, for these discussion. My immediate
reaction to the set is: 1) Originator address info, 2) timestampt, and 3) root
body structure lables.
What I'm curious about is why Message-ID and Subject were not included.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the dkim-dev
mailing list