-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In message <[email protected]>, Hannah Stern
<[email protected]> writes
>In body change recipes, section 5 of the draft, b: can insert base64
>encoded content (i.e. that has been removed or changed at some point).
>It doesn't encode the final CRLF, but can encode intermediate CRLFs
on reflection this is more confusing than useful (and is a nuisance
to check) so I have removed this from the #5 text I am working on
> if
>it encodes multiple lines. Can it be specified (or considered as if
>specified) that a b: recipe is invalid if it encodes bare CR or bare LF
>or other characters that are not 7-bit valid characters within an
>Internet Message body?
I have made it clear that CR and LF are not permitted (so if you
have accepted such a message and changed it then you will not be able
to provide a recipe to show what you have done).
>In header change recipes, are b: tags supposed to encode
>pre-canonicalized header content? It's already specified that they may
>not encode any CRLF, but nothing is said about WSP sequences or any WSP
>at the beginning.
it is not necessary to deal with this ... because the only thing you
ever do with a reconstructed header field is to push it through a
canonicalisation step and feed it to a hash function.
> Naively I'd assume that a verifier has to cope with
>non-canonicalized header content except folding. And can other
>non-valid encoded octets (non-7-bit or otherwise) be considered as
>invalid (i.e. failing verification)?
Since canonicalisationo of header fields unfolds them, there's no need
to worry about reconstructing the original folding
- --
richard @ highwayman . com "Nothing seems the same
Still you never see the change from day to day
And no-one notices the customs slip away"
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1
iQA/AwUBaUxKSWHfC/FfW545EQKiuwCfXuy07/TC9AncU1b3FCkU0KEj4dQAn11n
r2mlsS434K992lHEWeBCwlAi
=9ZNO
-----END PGP SIGNATURE-----
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
