Hi!
On 7/16/25 10:42, Alessandro Vesely wrote:
> On Tue 15/Jul/2025 17:01:14 +0200 Hannah Stern wrote:
>> How about multiple b=, like this:
>>
>> DKIM2-Signature: i=1; d=example.com; b=hash1:signature1:selector1;
>>   b=hash2:signature2:selector2; ...
>>
>> I.e. allow multiple b= and combine bh and selector into the signature
>> (bh too, so as to allow for different hash algorithms as determined per
>> selector)? The format itself could be without a hard format-defined
>> limit, but the standard should probably set technical limits (signers
>> MAY NOT add more than 10 signatures, verifiers SHOULD accept up to 10
>> signatures, or something)?
>>
>> Or
>>
>> bh1=hash1;bh2=hash2;b=1:signature1:selector1;b=1:signature2:selector2;b=2:signature3:selector3
>>
>> So hash values can be reused if the hash is the same for 2 signature
>> schemes (like rsa-sha256 and ed25519-sha256) but could eventually be
>> different for a third one (say, somepq-sha3)? The numbers directly
>> after b= would reference the digit suffix for bhN.
>
> There seems to be some confusion on field names. Isn't b= the actual
> signature? And bh=? The body hash ought to be the same for all
> signatures.

Since we're defining a new DKIM2 header, we can do what we want here
instead of doing it like before - can't we?

So we could as well define b as possibly multi-valued (by repetition) and
containing : separated fields (':' doesn't collide with selector names
nor with the base64 in signatures).

And no, the body hash isn't the same, as an algorithm specifies the hash
function used, as in "rsa-sha256". So you could as well have algorithms
like "rsa-sha3-512" besides that.

> For yet another idea, why not enclose each signature in its own comment?
>
> i=1; d=example.com; bh=EbhL2B19OrE...; (s=alfa, b=BgHNOO...; h=List-Archive);
> (s=beta; b=ChNOPQ...); (s=gamma; b=DiORj...; h=X-Conspiracy);
> t=1752591685

Tbh using comment syntax like this doesn't look so intuitive and good to me.

Hannah.
--
Hannah Stern Mail System Development
www.mail-and-media.com 1&1 Mail & Media Development & Technology GmbH
[email protected] Brauerstraße 48 76135 Karlsruhe Germany
+49 721 91374-4519
_______________________________________________
Ietf-dkim mailing list -- [email protected]
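
An added example, not part of the original message or of any DKIM2 draft: a parser for the second layout proposed above (numbered bhN= body hashes referenced from repeated b= tags), which fails closed on dangling references and on too many signatures. It assumes an unfolded header value and takes the cap of 10 floated in the message as its default; the function and exception names are hypothetical.

```python
import re

MAX_SIGNATURES = 10  # assumption: the "up to 10 ... or something" figure from the thread


class SignatureFormatError(ValueError):
    """Raised when the proposed multi-signature value cannot be parsed safely."""


def parse_multi_sig(value, max_signatures=MAX_SIGNATURES):
    """Parse 'bh1=..;bh2=..;b=1:sig:selector;...' (hypothetical syntax).

    Returns {"tags": {...}, "signatures": [(selector, signature, body_hash), ...]}.
    """
    tags, body_hashes, raw_sigs = {}, {}, []
    for item in value.split(";"):
        item = item.strip()
        if not item:
            continue  # tolerate a trailing ';'
        # Split on the first '=' only: base64 values may end in '=' padding.
        name, sep, val = item.partition("=")
        name, val = name.strip(), val.strip()
        if not sep or not name or not val:
            raise SignatureFormatError(f"malformed tag: {item!r}")
        numbered = re.fullmatch(r"bh(\d+)", name)
        if numbered:
            if numbered.group(1) in body_hashes:
                raise SignatureFormatError(f"duplicate {name}")
            body_hashes[numbered.group(1)] = val
        elif name == "b":
            raw_sigs.append(val)  # b= is the only tag allowed to repeat
        elif name in tags:
            raise SignatureFormatError(f"duplicate tag {name}")
        else:
            tags[name] = val
    if not raw_sigs:
        raise SignatureFormatError("no b= signature present")
    if len(raw_sigs) > max_signatures:
        raise SignatureFormatError(f"more than {max_signatures} signatures")
    signatures = []
    for raw in raw_sigs:
        parts = raw.split(":")  # ':' occurs neither in base64 nor in selectors
        if len(parts) != 3 or not all(parts):
            raise SignatureFormatError(f"malformed b= value: {raw!r}")
        ref, sig, selector = parts
        if ref not in body_hashes:  # dangling reference: reject, never guess
            raise SignatureFormatError(f"b= references undefined bh{ref}")
        signatures.append((selector, sig, body_hashes[ref]))
    return {"tags": tags, "signatures": signatures}
```
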