[ietf-dkim] editorials and nits
John Levine
johnl at iecc.com
Wed Jul 5 13:02:23 PDT 2006
>If the verifier doesn't like the l= tag, they should just reject the
>signature, rather than bother doing the math to verify it.
Don't do that. In the presumably common case where the message hasn't
had anything added to it in transit, you ignore l= and the signature
verifies just fine. I suppose as a microoptimization you could
prescan the body and fail if the length is wrong.
>Perhaps we need to more globally describe what we mean by "ignore the
>tag", since paragraph 9 of section 3.2 says, "Unrecognized tags MUST be
>ignored." In that case, what we want to say is that the verifier MUST
>not take action on the tag, but MUST include it in the hash calculation
>for this DKIM-Signature header field. Do we need to spell this out?
I hope not. Anyone who can't figure that out is unlikely to implement
a working verifier no matter what we tell them.
R's,
John
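
The verifier behaviour discussed in this message, as an added example that is not part of the original post: a body-hash check that tries the whole body first and only then falls back to the l= prefix. It assumes the "simple" body canonicalization and SHA-256 body hash (bh=) as published in RFC 6376; the function names, verdict strings and sample bodies are constructed for illustration.

```python
import base64
import hashlib


def canon_simple(body: bytes) -> bytes:
    """'simple' body canonicalization: drop trailing empty lines, end with one CRLF."""
    while body.endswith(b"\r\n\r\n"):
        body = body[:-2]
    if not body.endswith(b"\r\n"):
        body += b"\r\n"
    return body


def body_hash(body: bytes, length=None) -> str:
    """base64(SHA-256) of the canonical body, limited to `length` bytes if given."""
    data = canon_simple(body)
    if length is not None:
        data = data[:length]
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def check_body(body: bytes, bh: str, length=None):
    """Return (verdict, unsigned_bytes) for a received body (hypothetical helper)."""
    canon = canon_simple(body)
    # Prescan: a body shorter than l= can never match, so skip the hashing.
    if length is not None and len(canon) < length:
        return ("fail", 0)
    # Common case: nothing was added in transit, so l= does not matter.
    if body_hash(body) == bh:
        return ("pass", 0)
    # Something was appended: only the first l= bytes are covered by the signature.
    if length is not None and body_hash(body, length) == bh:
        return ("pass-partial", len(canon) - length)
    return ("fail", 0)


# Constructed sample: the signer covered the whole 14-byte body with l=14.
SIGNED = b"Hello\r\nWorld\r\n"
BH = body_hash(SIGNED, 14)
APPENDED = SIGNED + b"-- \r\nlist footer\r\n"  # footer added by a relay

if __name__ == "__main__":
    print(check_body(SIGNED, BH, 14))
    print(check_body(APPENDED, BH, 14))
    print(check_body(SIGNED[:7], BH, 14))
```

The second element of the result is the number of body bytes the signature does not cover, which is what a receiver would weigh before trusting or displaying the appended part.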