5.
<https://www.ietf.org/archive/id/draft-clayton-dkim2-spec-06.html#section-5>The
Message-Instance Header Field
<https://www.ietf.org/archive/id/draft-clayton-dkim2-spec-06.html#name-the-message-instance-header>
...
ABNF:
mi-h-tag = %x68 %x31 [FWS] "=" [FWS] mi-h-tag-data
mi-h-tag-data = base64string
a2=, b2=, h2= Further hashes (equivalent to a1, b1 and h1)
plain text / base64; OPTIONAL
To provide for algorithmic dexterity a second pair of hashes, using a
different algorithm MAY be supplied.
The ABNF, above this, cites a triplet, not pair, of hashes. What 'pair'
is referred to there?
Also, how does the ABNF support adding a second pair?
How does the header field indicate the presence of a second.
Why only a second, and not more?
A verifier MUST check all signatures that it understands and SHOULD
treat any failure as invalidating all hashes.
Why is this normative directive in this section, rather than in Section
5, which pertains to actual signatures?
d/
--
Dave Crocker
[email protected]
bluesky: @dcrocker.bsky.social
mast: @[email protected]
+1.408.329.0791
Volunteer, Silicon Valley Chapter
Northern California Coastal Region
Information & Planning Coordinator
American Red Cross
[email protected]
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
