[dkim-ops] DKIM DNS record cr lf

John R Levine johnl at taugh.com
Sun Feb 24 10:09:26 PST 2008


A recent perusal of RFC 4871 reminded me that it uses the same tag-list 
syntax for the DKIM-Signature: header and the DNS record.  The ABNF uses 
FWS for folding white space, which means that the DNS records can contain 
newlines, e.g.:

  v \r\n=DKIM1;\r\n h=\r\nsha256;p=\r\n"23jkdjk ... ;

Has anyone ever put a newline in a DKIM TXT record?  Would records with 
new lines interoperate with existing DKIM implementations?

I gather the theory was that you'd use the same parser to handle the 
header line and the TXT record, but it seems to me the parser needs to 
know which one it's parsing due to other differences, e.g. you need to 
trim off the trailing newline on the header line or the tag-list ABNF 
won't match since it doesn't permit FWS after a final semicolon.

Regards,
John Levine, johnl at taugh.com, Taughannock Networks, Trumansburg NY
"I dropped the toothpaste", said Tom, crestfallenly.


More information about the dkim-ops mailing list