https://bugs.exim.org/show_bug.cgi?id=2179
Ian Kelling <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID |--- --- Comment #2 from Ian Kelling <[email protected]> --- > RFC4871 > > 5.5. Recommended Signature Content > [...] > The following header fields SHOULD be included in the signature, if > they are present in the message being signed: > > o From (REQUIRED in all signatures) > o Sender, Reply-To > o Subject > o Date, Message-ID > o To, Cc > o MIME-Version > o Content-Type, Content-Transfer-Encoding, Content-ID, Content- > Description > o Resent-Date, Resent-From, Resent-Sender, Resent-To, Resent-Cc, > Resent-Message-ID > o In-Reply-To, References > o List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post, > List-Owner, List-Archive > > 5.4. Determine the Header Fields to Sign > [...] > Signers MAY claim to have signed header fields that do not exist > (that is, signers MAY include the header field name in the "h=" tag > even if that header field does not exist in the message). When > computing the signature, the non-existing header field MUST be > treated as the null string (including the header field name, header > field value, all punctuation, and the trailing CRLF). > > INFORMATIVE RATIONALE: This allows signers to explicitly assert > the absence of a header field; if that header field is added later > the signature will fail. Yes, this further proves my point about the documentation being wrong. "MAY" is not at all a synonym with "recommended." So the documentation claims to include "recommended" but in actually includes "recommended" + "may". Both terms are defined in https://www.ietf.org/rfc/rfc2119.txt -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
