https://bugs.exim.org/show_bug.cgi?id=2179
Jeremy Harris <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Jeremy Harris <[email protected]> --- RFC4871 5.5. Recommended Signature Content [...] The following header fields SHOULD be included in the signature, if they are present in the message being signed: o From (REQUIRED in all signatures) o Sender, Reply-To o Subject o Date, Message-ID o To, Cc o MIME-Version o Content-Type, Content-Transfer-Encoding, Content-ID, Content- Description o Resent-Date, Resent-From, Resent-Sender, Resent-To, Resent-Cc, Resent-Message-ID o In-Reply-To, References o List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post, List-Owner, List-Archive 5.4. Determine the Header Fields to Sign [...] Signers MAY claim to have signed header fields that do not exist (that is, signers MAY include the header field name in the "h=" tag even if that header field does not exist in the message). When computing the signature, the non-existing header field MUST be treated as the null string (including the header field name, header field value, all punctuation, and the trailing CRLF). INFORMATIVE RATIONALE: This allows signers to explicitly assert the absence of a header field; if that header field is added later the signature will fail. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
