[dkim-dev] ATPS v01 - Hash Length

Hector Santos hsantos at santronics.com
Thu Sep 30 12:16:54 PDT 2010

Hector Santos wrote:
> But what if we allow ATPS for a wild card hash?
> RRYSFVSSZN56ELIZQ3Y7GCYH7VIQRWOA._atps  TXT ("v=atps01; d=*.example.com;")

Btw, I was exploring this sub-domain wildcard idea and for the 
specific domain:


I was getting a short BASE32(SHA1("*.winserver.com")) result and 
depending on what base32 encoding function used, you can get "=" padding.

  2VGN3G3GATAIHHTMGWPQ====._atps  TXT ("v=atps01; d=*.winserver.com;")

shorter than 32.  I checked this with various base32(sha1()) library 
methods. All produce the same result.

Without the *. subdomain prefix, you get:

  JCHJYKXMWKNBYFGE2BG4TD6ADD264OLH._atps  TXT ("v=atps01; 

and other wild card hashing does this show this hashing behavior:

3LZJLXW37GAOBEWLNDWERVOC6SY5VTUI._atps  TXT ("v=atps01; d=*.isdg.net;")

I am not sure if this show there could be collisions with the 
base32(sha1()) algorithm or that you were always expecting an uniform 
32 character hash result.


Hector Santos

More information about the dkim-dev mailing list