[Fwd: Re: [ietf-dkim] canonicalized null body and dkim]
Charles Lindsey
chl at clerew.man.ac.uk
Thu Dec 21 03:04:33 PST 2006
On Wed, 20 Dec 2006 15:23:32 -0000, Mark Delany <markd+dkim at yahoo-inc.com>
wrote:
> Charles Lindsey wrote:
>> Anyway, here is some wording:
>> The "simple" body canonicalization removes empty lines from the end
>> of the
>> body until either the last line is non-empty, or no lines remain. An
>> empty
>> line is a line of zero length after removal of any terminating CRLF.
>> If
>> the body is not now empty and the last line is not already
>> terminated by
>> CRLF, a CRLF is added to it.
>> INFORMATIVE NOTE: Following [RFC 2822}, the CRLF which separates
>> the
>> header fields from the body is NOT part of the body, and
>> therefore is
>> never presented to the signing or verification algorithm.
>
> I think I agree with the effect, but I wish I could offer something
> terser, but that seems hard since this is dealing with the interaction
> of potentially different header canon and body canon.
>
> Does the INFORMATIVE NOTE imply that the following two emails
> canonicalize to the same thing?
>
>
> ---------------
> Last-Header: blahCRLF
> CRLF
> lineOne: blah1CRLF
> lineTwo: blah2CRLF
> ---------------
>
> ---------------
> Last-Header: blahCRLF
> lineOne: blah1CRLF
> lineTwo: blah2CRLF
> ---------------
Certainly not! Why should they?
The first is a message with one header and a body of two lines. The header
canonicalizes into itself, and the body canonicalizes into
---------------
lineOne: blah1CRLF
lineTwo: blah2CRLF
---------------
The second is a message with three headers and no body at all. The headers
canonicalize as themselves, and for the body you treat it as empty:
---------------
---------------
One could add text to say that an absent body is equivalent to an empty
body, if you think that is necessary.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-dkim
mailing list