[ietf-dkim] z= question with X headers
Eric Allman
eric+dkim at sendmail.org
Fri Apr 28 13:22:22 PDT 2006
>> The z= tag is only supposed to be used for "diagnostic purposes",
>> not for computing the hash. Changing that would have major
>> implications that we would have to examine very carefully.
>
> So if mail list changed Subject header field (and for purposes of
> this question did not add other fields or changed content data) and
> there was a signature in message before that contained original
> Subject in the 'z' tag AND now message got to verifying agent -
> that agent is supposed to say the signature is invalid rather then
> use data from 'z' tag to attempt to verify the signature?
Yes. The mailing list should have re-signed the message.
eric
More information about the ietf-dkim
mailing list