> -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of McDowell, Brett > Sent: Thursday, September 16, 2010 11:38 AM > To: [email protected] > Subject: [dkim-ops] RFC 5672 and optional vs. default value of AUID > > So, should the signature be processed as if the default value for the > AUID (i= value) were present or processed as if the AUID (i= value) > wasn't even part of the specification?
Actually now I'm confused by your use of "processed", so I want to give a more precise answer. If "processed" describes the blob of data fed to the hash function, then the absence of "i=" in a signature must of course be reflected in the hashing when verifying or it won't verify. (That is, you don't feed the default value explicitly when "i=" is missing or the hash will not match.) As far as determining the "i=" value once the signature has been processed, we do the former; if you ask the library "What was the signer's identity?", we will give back either the literal value (if "i=" was present) or the specified default value based on "d=" (if "i=" was absent). _______________________________________________ dkim-ops mailing list [email protected] http://mipassoc.org/mailman/listinfo/dkim-ops
