On Tue 15/Jul/2025 19:05:38 +0200 John Levine wrote:
> It appears that Hannah Stern <[email protected]> said:
>>> Just do a case-insensitive sort of all of the header fields that
>>> go into the hash.
>>
>> I'd be fine with that with one caveat: We'd need to specify how to break
>> the ties between, for example,
>>
>> Foo: bar
>> foo: bar
>> Foo: Bar
>> foo: Bar
>
> I don't think I've ever seen a message with two headers that differed only in
> case and I know I don't ever want to see one.

May I ask if it makes sense to sign fields with multiple instances? Signing
trace fields is explicitly discouraged in DKIM1. It could be banned altogether
in DKIM2. The only interesting case is Resent- fields. They should be sorted
block-wise according to Resent-Date:. Perhaps we could specify that a signer
only signs the last Resent- block. This way, all signed fields have a single
instance, and, with the exception of Resent-, repeating them breaks the signature.
Best
Ale
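
Why the tie-break discussed in this thread matters, as an added example that is not part of the original messages or of any DKIM2 draft: a sort keyed only on the lowercased field name leaves the four sample fields in arrival order, so the hash depends on how a relay ordered them. The tie-break rule (raw name bytes, then raw value bytes), the `name:value` hash framing, and all function names are assumptions made for illustration.

```python
import hashlib
from itertools import permutations

# Constructed sample: the four fields quoted in the message above.
FIELDS = [("Foo", "bar"), ("foo", "bar"), ("Foo", "Bar"), ("foo", "Bar")]


def sort_case_insensitive(fields):
    """Stable sort on the lowercased name only; ties keep arrival order."""
    return sorted(fields, key=lambda f: f[0].lower())


def sort_total(fields):
    """Assumed tie-break: lowercased name, then raw name, then raw value."""
    return sorted(
        fields,
        key=lambda f: (f[0].lower().encode(), f[0].encode(), f[1].encode()),
    )


def header_hash(fields, sorter):
    """Hash the sorted fields as 'name:value' lines (illustrative framing)."""
    h = hashlib.sha256()
    for name, value in sorter(fields):
        h.update(f"{name}:{value}\r\n".encode())
    return h.hexdigest()


def distinct_hashes(fields, sorter):
    """Count the different hashes seen over every arrival order."""
    return len({header_hash(list(p), sorter) for p in permutations(fields)})


def repeated_fields(fields, allow_prefix="resent-"):
    """Lowercased names that occur more than once, ignoring Resent- fields."""
    counts = {}
    for name, _ in fields:
        key = name.lower()
        if not key.startswith(allow_prefix):
            counts[key] = counts.get(key, 0) + 1
    return sorted(k for k, n in counts.items() if n > 1)


if __name__ == "__main__":
    print("name-only sort:", distinct_hashes(FIELDS, sort_case_insensitive))
    print("total order:   ", distinct_hashes(FIELDS, sort_total))
    print("repeated:      ", repeated_fields(FIELDS))
```

`repeated_fields` corresponds to the single-instance idea in the last message: a signer could refuse to sign, or a verifier could fail, any non-Resent- field it reports.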