signature construct (was: Re: [ietf-dkim] DKIM BOF -- draft
charter and agenda)
william(at)elan.net
william at elan.net
Sat Oct 15 12:24:31 PDT 2005
On Sat, 15 Oct 2005, Earl Hood wrote:
> On October 14, 2005 at 12:08, Stephen Farrell wrote:
>
>> PS: Just so's I can reconstruct it for myself later, the construct
>> might end up something like:
>> body-hash = Hash1(nonce, body)
>> sig-bits = Private-key(Hash2(nonce,header-stuff, body-hash))
>
> Actually the "data" hash would be more like:
>
> data-hash = Hash1(nonce, header-stuff, body)
> sig-bits = Private-key(Hash2(nonce, DKIM-Signature-field))
>
> I.e. The digital signature is only on the DKIM-Signature field,
> nothing else.
For comparison META Signatures is something like:
data-hash = hash1(nonce, some-headers, body-part)
; body-part can be particular mime part (or several) or entire message body
; some headers is optional and typically include only Content-* fields
sig-bits = Private-key(hash2(nonce, meta-parts, data-hash, header-stuff))
; where meta-parts is META-Signature field with sig segment cut out
META-Signature design itself allows for inclusion of header fields in
either way listed in previous email (together with body hash or together
with signature itself) but I obviously prefer inclusion with signature.
--
William Leibzon
Elan Networks
william at elan.net
More information about the ietf-dkim
mailing list