[ietf-dkim] detecting header mutations after signing
vesely at tana.it
Fri Oct 8 08:33:56 PDT 2010
On 08/Oct/10 07:00, John R. Levine wrote:
> Having the signer put the extra junk in h= should make existing verifiers
> do the right thing, although I doubt the bit of verification code that
> checks for the non-existence of the N+1st header for N>0 is well tested in
> DKIM implementations.
+1, and the revised example proposed by Julian can be enough.
The whole discussion on multiple "From"s then boils down on whether it
is worth to change the protocol so that, for example,
"h=from:subject:date:message-id:to" MUST be interpreted by the
verifier to mean
handy abbreviation for known fields.
More information about the ietf-dkim