[ietf-dkim] editorials and nits
Jim Fenton
fenton at cisco.com
Wed Jul 5 13:53:23 PDT 2006
John Levine wrote:
>> If the verifier doesn't like the l= tag, they should just reject the
>> signature, rather than bother doing the math to verify it.
>>
>
> Don't do that. In the presumably common case where the message hasn't
> had anything added to it in transit, you ignore l= and the signature
> verifies just fine. I suppose as a microoptimization you could
> prescan the body and fail if the length is wrong.
>
Agreed. That would be the effect of "ignoring" the l- tag -- in the
sense of actually removing it from the signature -- which is why that's
not a good thing to do.
-Jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mipassoc.org/pipermail/ietf-dkim/attachments/20060705/0839852f/attachment.html
More information about the ietf-dkim
mailing list