On 4/2/2015 9:25 PM, John R Levine wrote:
>> So receipt of a message signed in the new form will likely produce an
>> incorrect signature validation, ...
>
> I wondered about that, too, so before I proposed a version bump, I
> took a look at the code that people use:
>
> * Murray's opendkim C library: checks that the version is 0.5 or 1,
>   fails otherwise. That's the code in the milters that sendmail and
>   postfix use, and I believe it's the library that everyone else with
>   custom C code (including me) uses or adapts. It replaces the older
>   libdkim.

At least 8-10 years ago, it wasn't the library "everyone else" used.
It wasn't quite portable to Windows (without changes). It might be
different today. Alt-N's open source DKIM/ADSP library was a pure
C/C++ portable package and it was used. In this API, if "v=" exists,
it checks for the string match of either:
"1"
"0.5"
"0.4"
"0.3"
"0.2"
and returns a DKIM_SIG_VERSION_02_PLUS version, otherwise
DKIM_STAT_INCOMPAT. If "v=" did not exist, it returns a
DKIM_SIG_VERSION_PRE_02 version. None of this was made
optional to operators. So a "version bump" would return
DKIM_STAT_INCOMPAT (unknown version).
--
HLS
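
The version check described in the message above, written out as an added example; it is not Alt-N's or OpenDKIM's code. The three result names come from the message; their numeric values, the helper names `get_tag` and `classify_sig_version`, and the sample headers in the test are assumptions.

```c
#include <ctype.h>
#include <string.h>

/* Result names are from the message; the numeric values are assumed. */
enum { DKIM_SIG_VERSION_PRE_02 = 1, DKIM_SIG_VERSION_02_PLUS = 2,
       DKIM_STAT_INCOMPAT = -1 };

/* Copy the trimmed value of tag `name` from a "tag=value; tag=value" list.
 * Returns 1 if the tag is present, 0 if not. Hypothetical helper. */
static int get_tag(const char *list, const char *name, char *out, size_t cap)
{
    size_t nlen = strlen(name);
    const char *p = list;
    while (*p) {
        const char *end = strchr(p, ';');
        if (!end) end = p + strlen(p);
        while (p < end && isspace((unsigned char)*p)) p++;
        const char *eq = memchr(p, '=', (size_t)(end - p));
        if (eq) {
            const char *ne = eq;             /* end of the tag name */
            while (ne > p && isspace((unsigned char)ne[-1])) ne--;
            if ((size_t)(ne - p) == nlen && memcmp(p, name, nlen) == 0) {
                const char *v = eq + 1, *ve = end;
                while (v < ve && isspace((unsigned char)*v)) v++;
                while (ve > v && isspace((unsigned char)ve[-1])) ve--;
                size_t n = (size_t)(ve - v);
                if (n >= cap) n = cap - 1;   /* over-long values never match */
                memcpy(out, v, n);
                out[n] = '\0';
                return 1;
            }
        }
        p = *end ? end + 1 : end;            /* next tag, or stop at the NUL */
    }
    return 0;
}

/* Exact string match on "v=": any unlisted value is rejected as unknown. */
int classify_sig_version(const char *sig)
{
    static const char *known[] = { "1", "0.5", "0.4", "0.3", "0.2" };
    char v[16];
    if (!get_tag(sig, "v", v, sizeof v))
        return DKIM_SIG_VERSION_PRE_02;
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++)
        if (strcmp(v, known[i]) == 0)
            return DKIM_SIG_VERSION_02_PLUS;
    return DKIM_STAT_INCOMPAT;
}
```

Because the comparison is on strings, "v=2" and "v=1.0" both land in DKIM_STAT_INCOMPAT, while a header with no "v=" tag at all is classified as a pre-0.2 signature.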