[Fwd: Re: [ietf-dkim] canonicalized null body and dkim]

Charles Lindsey chl at clerew.man.ac.uk
Wed Dec 20 02:52:26 PST 2006


On Tue, 19 Dec 2006 19:49:48 -0000, Michael Thomas <mike at mtcc.com> wrote:

>
> My previous implementation did the same as Arvel's (given his recent
> mail), which is the same thing that I think that Murray's  is doing. But
> to be pedantic:
>
> null body:
>
> Last-header: foo<crlf>
> <crlf>
>
> l=2; canon-body: <crlf>
>
> single crlf:
>
> Last-header: foo<crlf>
> <crlf>
> <crlf>
>
> l=2; canon-body: <crlf>
>
> two trailing crlf's
>
> Last-header: foo<crlf>
> <crlf>
> <crlf>
> <crlf>
>
> l=2; canon-body: <crlf>

No, I don't think that is what Tony was claiming the majority of  
implementations did (I think it is what the current wording says to do,  
but I think Tony was saying all those should result in an empty body to be  
hashed).

Anyway, here is some wording:

    The "simple" body canonicalization removes empty lines from the end of the
    body until either the last line is non-empty, or no lines remain. An empty
    line is a line of zero length after removal of any terminating CRLF. If
    the body is not now empty and the last line is not already terminated by
    CRLF, a CRLF is added to it.

       INFORMATIVE NOTE: Following [RFC 2822], the CRLF which separates the
       header fields from the body is NOT part of the body, and therefore is
       never presented to the signing or verification algorithm. In the case
       of a pure binary message (such as one with a Content-Transfer-Encoding
       of 'binary') the concept of "lines" may not be meaningful. Nevertheless,
       wherever the pair of octets that represent CRLF happens to occur, that
       is to be considered as the end of a "line" for the purposes of this
       canonicalization algorithm.

Now, you are all invited to find some way of misinterpreting that :-).

Next, for body length counts which, as I now see from 3.4.5, are to be  
applied _after_ canonicalization. (BTW, I misinterpreted those counts as  
line counts rather than byte counts in an earlier message).

Here is another example to amuse you:

Last-header: foobarCRLF
CRLF
----------------
12345678CRLF
12345678CRLF
12345678
----------------

Now sign that with l=29 :-)
(don't forget to add the CRLF to the last line first)

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
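
The proposed wording and the l=29 puzzle above, worked through in Python as an added example; it is not part of the original message and not any implementer's code. Function names are hypothetical, SHA-256 is assumed for the body hash, and the sample messages are constructed from the cases quoted in the thread.

```python
import base64
import hashlib

CRLF = b"\r\n"

def split_body(message: bytes) -> bytes:
    # The CRLF separating the header fields from the body is not part of the body.
    _headers, _sep, body = message.partition(CRLF + CRLF)
    return body

def simple_body_canon(body: bytes) -> bytes:
    # "simple" body canonicalization as worded in the proposal above.
    lines = body.split(CRLF)
    if lines[-1] == b"":               # split() artefact: body was empty or ended in CRLF
        lines.pop()
    while lines and lines[-1] == b"":  # remove empty lines from the end of the body
        lines.pop()
    # Re-terminate every remaining line; this adds the CRLF to an unterminated last line.
    return b"".join(line + CRLF for line in lines)

def hashed_octets(message: bytes, l=None) -> bytes:
    # The l= count is a byte count applied after canonicalization.
    canon = simple_body_canon(split_body(message))
    if l is None:
        return canon
    if l > len(canon):
        # Assumption: a count longer than the canonical body is a verification failure.
        raise ValueError("l= exceeds canonicalized body length")
    return canon[:l]

def body_hash(octets: bytes) -> str:
    # Assumption: SHA-256 body hash, base64-encoded.
    return base64.b64encode(hashlib.sha256(octets).digest()).decode("ascii")

# Constructed sample messages mirroring the cases in the thread.
NULL_BODY = b"Last-header: foo\r\n\r\n"
ONE_CRLF = NULL_BODY + CRLF
TWO_CRLF = NULL_BODY + CRLF + CRLF
EXAMPLE = b"Last-header: foobar\r\n\r\n12345678\r\n12345678\r\n12345678"

if __name__ == "__main__":
    for name, msg in (("null", NULL_BODY), ("one", ONE_CRLF), ("two", TWO_CRLF)):
        print(name, hashed_octets(msg), body_hash(hashed_octets(msg)))
    print(len(hashed_octets(EXAMPLE)), hashed_octets(EXAMPLE, 29))
```

Under this wording all three quoted cases hash an empty body, and the last example canonicalizes to 30 octets, so l=29 cuts between the CR and LF of the added line ending.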