On 10/15/10 8:40 AM, Mark Delany wrote:
>>> h=from:from:subject:subject:to:to:cc:cc:mime-version:mime-version:list-id:list-id?
>> Yes, it does.  The only question is to devise normative statements
>> correctly, e.g. MUST duplicate "From", SHOULD duplicate the rest.
>>
>> This is _not_ a kludge.  It is how DKIM signing works (Section 5.4).
>>
>> Are we worried about wasting 100~200 bytes per signature?  (I get ~4Kb
>> headers nowadays, so that is about 3% of it.)  Introducing an
>> abbreviation --e.g. an h2 tag-- is considerably clearer from an
>> algorithm developer's POV.
> Well, if you want to introduce semantic changes why not just change
> the meaning of h=from:to: to be semantically identical to
> h=from:from:to:to:
>
> Old verifiers still work as well as they do today, new verifiers work
> better and virtually all existing signers still work (excepting those
> that sign a subset of legitimately repeating headers - which must be
> rare).
>
> In either cases, the implementation changes are about the same, but
> the spec is simpler.
Agreed.  But use of the h=from:from prevents one mode of exploitation, 
because this requirement until now had not been made explicit.

-Doug
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Reply via email to