Software: Apache. PHP/8.1.30 uname -a: Linux server1.tuhinhossain.com 5.15.0-151-generic #161-Ubuntu SMP Tue Jul 22 14:25:40 UTC uid=1002(picotech) gid=1003(picotech) groups=1003(picotech),0(root) Safe-mode: OFF (not secure) /usr/share/doc/libmail-dkim-perl/ drwxr-xr-x | |
| Viewing file: Select action/file-type: Following are some notes about gray areas in the RFC 4871 DKIM
specification.
Section 3.4.4 "relaxed" Body Canonicalization
Empty bodies. Unlike the "simple" body canonicalization, which
explicitly says to add a CRLF, the "relaxed" body canonicalization
does not say this. The consensus at DKIM-Interop was NOT to add
a CRLF for "relaxed" body canonicalization when the body is empty.
Section 3.5 "i= Identity of the user or agent"
In the section describing "identity", it says dkim-quoted-printable
encoding is to be used, but quoted printable is not mentioned in the
ABNF. The ABNF includes the "Local-part" token, which allows a quoted
string with backslashes to escape certain characters.
My interpretation (combining the text and my own reasoning), is that
the i= tag value should be the dkim-quoted-printable encoding of:
[ Local-part ] "@" domain-name
So, e.g.
local part domain
---------- -----------
i="meet=20joe"@example.com => "meet joe" example.com
i="fine=3Bmess"@example.com => "fine;mess" example.com
i="j=20s=22@example.com => "j s" example.com
i=j smith @ example . com => jsmith example.com
Section 3.6.1 "granularity of the key"
Does "an empty g= value never matches any addresses" mean that any
signature, no matter the i= value, using this key cannot be
matched? The consensus at DKIM-Interop was that YES, that's what
it means.
It should be noted that this is an incompatible change from
RFC4870-DomainKeys, where an empty g= tag in the public key is
equivalent to g=*, which would match anything.
|
:: Command execute :: | |
--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0043 ]-- |