[ietf-dkim] Re: dkim-base-01: Section 6.2 Get the Public Key
Eric Allman
eric at sendmail.org
Thu Apr 27 14:26:03 PDT 2006
Sorry to have gone dark for a while --- I've been even more than
usually busy. I'm trying to get a bit of catching up done today.
What I did for this was to add something to 6.1 reading "Verifiers
MAY ignore the DKIM-Signature header field if it contains an "x=" tag
and the signature has expired." I then added to the end of 6.1 "If
there are no valid signatures remaining after this step, a verifier
MUST NOT proceed to the next step."
eric
--On April 14, 2006 9:18:14 AM -0400 Hector Santos
<hsantos at santronics.com> wrote:
> Eric,
>
> In regards to the expiration tag x=, until a decision is made about
> its fate, it is still part of the specs. In such a case, to comply
> with the x= current specs, a preliminary step is missing in
> section 6.2:
>
>| 6.2 Get the Public Key
>|
>| ...
>|
> + 0. If signature has an expiration (x=) tag, check if the
> signature + has expired. Signatures MUST NOT be considered
> valid if the + current time at the verifier is past the
> expiration date. +
>| 1. Retrieve the public key as described in (Section 3.6) using
>| the domain from the "d=" tag and the selector from the "s=" tag.
>
> --
> Hector Santos, Santronics Software, Inc.
> http://www.santronics.com
>
>
>
>
>
>
More information about the ietf-dkim
mailing list