[ietf-dkim] dkim-base-03 key-*-tag minor issues
Eric Allman
eric+dkim at sendmail.org
Mon Jul 3 18:17:00 PDT 2006
--On July 2, 2006 4:31:46 PM +0900 SUZUKI Takahiko
<takahiko at iij.ad.jp> wrote:
> I noticed a few minor issues about key-*-tag on dkim-base-03.
>
> #1 Section 3.6.1, key-g-tag includes CFWS which obscures the
> local-part the verifier really needs, and is needless for this tag.
> CFWS should be excluded (and comments should be noted with
> key-n-tag).
>
> [dkim-base-03]
> key-g-tag-lpart = [dot-atom] ["*"] [dot-atom]
>
> should be like
>
> key-g-tag-lpart = [dot-atom-text] ["*"] [dot-atom-text]
>
> (or 2821-Local-part/2821-Dot-string might be more appropriate.)
>
> [rfc2821]
> Local-part = Dot-string / Quoted-string
> Dot-string = Atom *("." Atom)
> Atom = 1*atext
> Quoted-string = DQUOTE *qcontent DQUOTE
>
> [rfc2822]
> dot-atom = [CFWS] dot-atom-text [CFWS]
> dot-atom-text = 1*atext *("." 1*atext)

I think that dot-atom-text makes more sense than Dot-string if only
because in defining a header field it makes more sense to reference
2822 than 2821. I do agree that dot-atom-text is a better choice
than dot-atom. Thanks.

> #2 Section 3.6.1, key-p-tag permits an empty value for revoking. So
>
> key-p-tag = %x70 [FWS] "=" [FWS] base64string
>
> should be like
>
> key-p-tag = %x70 [FWS] "=" [ [FWS] base64string ]

Agreed. Fixed.

> #3 Section 3.6.1, key-h-tag default value (= allowing all
> algorithms) should be able to be specified explicitly. So
>
> key-h-tag-alg = "sha1" / "sha256" / x-key-h-tag-alg
>
> should be like
>
> key-h-tag-alg = "sha1" / "sha256" / "*" / x-key-h-tag-alg

At the moment we aren't allowing wildcarding for the h= tag other
than by eliminating it entirely. We can add this if there is
consensus.

eric
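
A verifier-side sketch of the three points in this thread, added here as an example (it is not code from the draft or from either poster): g= is checked against the CFWS-free grammar, an empty p= is treated as a revoked key, and an absent h= accepts every hash algorithm. Assumptions: tags are separated by ";", h= values by ":", an absent g= behaves like "*", "*" is left out of atext so the wildcard is unambiguous, and the function names and sample record are hypothetical.

```python
import re

# RFC 2822 atext minus "*": this sketch reserves "*" for the g= wildcard.
_ATEXT = r"[A-Za-z0-9!#$%&'+/=?^_`{|}~-]"
_DOT_ATOM_TEXT = rf"{_ATEXT}+(?:\.{_ATEXT}+)*"
# key-g-tag-lpart = [dot-atom-text] ["*"] [dot-atom-text]   (no CFWS)
_G_LPART = re.compile(rf"(?:{_DOT_ATOM_TEXT})?\*?(?:{_DOT_ATOM_TEXT})?")
_BASE64 = re.compile(r"[A-Za-z0-9+/]+={0,2}")

# Constructed sample record; the p= value is not a real key.
SAMPLE = "v=DKIM1; g=news-*; h=sha256; p=QUJDRA=="


def parse_key_record(txt):
    """Split a key record into {tag: value}; assumes ';' separates tags."""
    tags = {}
    for part in txt.split(";"):
        if part.strip():
            name, _, value = part.partition("=")  # first "=" only; p= may end in "="
            tags[name.strip()] = value.strip()
    return tags


def check_key(txt, local_part, hash_alg):
    """Return (ok, reason) for a signer local-part and hash algorithm."""
    tags = parse_key_record(txt)
    if "p" not in tags:
        return False, "no p= tag"
    p = re.sub(r"\s+", "", tags["p"])  # drop FWS inside the base64 value
    if p == "":
        return False, "key revoked"  # empty p= per the revised key-p-tag
    if not _BASE64.fullmatch(p):
        return False, "bad p= value"
    g = tags.get("g", "*")  # assumption: absent g= matches any local-part
    if not _G_LPART.fullmatch(g):
        return False, "bad g= value"  # e.g. a comment or whitespace in g=
    if "*" in g:
        prefix, suffix = g.split("*")
        fits = len(local_part) >= len(prefix) + len(suffix)
        if not (fits and local_part.startswith(prefix) and local_part.endswith(suffix)):
            return False, "g= mismatch"
    elif g != local_part:
        return False, "g= mismatch"
    if "h" in tags:  # absent h= means every hash algorithm is acceptable
        allowed = [a.strip() for a in tags["h"].split(":")]
        if hash_alg not in allowed:
            return False, "hash not allowed"
    return True, "ok"
```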