Addition:
On 1/20/26 18:26, Hannah Stern wrote:
In the DKIM2-Signature header (section 6), we have the rt=
tag-spec like this:
sig-rt-tag = %72 %x74 [FWS] "="
1*( [FWS] "<" local-part "@" domain-name ">" )
For example ...; rt=<[email protected]> <[email protected]>; ...
However, RFC5321 local-part can be a quoted string like this:
<"foo><bar;"@example.com>
In this case,
[...]
b) My example shows, with the "><" part in the quoted-string
local-part, that a parser for DKIM2-Signature headers can't
operate by first dividing rt= into single addresses in a
simplistic way (search for ">" [FWS] "<" and if found, split
after the ">"). At the same time, there are no commas between
the addresses, so I can't just feed rt= into a parser for
RFC 5322 mailbox-list and afterwards (or on the fly) apply
additional constraints. So a correct rt= parser currently
might have to duplicate code that's in RFC 5321 or RFC 5322
parsers to find the next ">" that's not within a quoted-string.
One option to make this simpler would be to allow duplicate rt=
tags (i.e. lifting the no duplicate tag-name constraint in this
particular respect) and encoding one recipient each, only.
Another possibility would be base64 encoding each address separately.
Then any non-base64 separator could be used within rt=.
An intermediate could be having each address be
hashed-localpart @ domain
with something like comma as separator. "<>" would be needed only
for the empty mf= value.
hashed-localpart could be something like
base64(truncated-sha256(tolower(actual-localpart)))
with actual-localpart matching the localpart used in the RFC 5321
transaction, in RFC 5321 local-part syntax.
Or base64(actual-lowerpart) @ domain. Then a few characters would
be available as good separators, including the current "<"/">" variant.
Kind regards,
Hannah.
--
Hannah Stern
Software Developer
Mail Transfer Development
1&1 Mail & Media Development & Technology GmbH | | |
Phone: +49 721 91374-4519
E-Mail: [email protected] | Web: www.mail-and-media.com www.gmx.net
www.web.de www.mail.com www.united-internet-media.de
Hauptsitz Montabaur, Amtsgericht Montabaur, HRB 5452
Geschäftsführer: Alexander Charles, Dr. Michael Hagenau, Thomas Ludwig,
Dr. Verena Patzelt
Member of United Internet
Diese E-Mail kann vertrauliche und/oder gesetzlich geschützte
Informationen enthalten. Wenn Sie nicht der bestimmungsgemäße Adressat
sind oder diese E-Mail irrtümlich erhalten haben, unterrichten Sie bitte
den Absender und vernichten Sie diese E-Mail. Anderen als dem
bestimmungsgemäßen Adressaten ist untersagt, diese E-Mail zu speichern,
weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden.
This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient of this e-mail, you are hereby
notified that saving, distribution or use of the content of this e-mail
in any way is prohibited. If you have received this e-mail in error,
please notify the sender and delete the e-mail.
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
