On Sun, Aug 18, 2024 at 10:18 PM Jan Dušátko <jan= [email protected]> wrote:
> I would like to correct to the "signed part of message is unchanged", > because of problematic length tag in DKIM-Signature header. > Are you observing widespread use of "l="? I seem to recall it had almost completely fallen out of use. As I recall, at the time of publication of RFC 6376, we debated removing it but decided we couldn't because its use had not fallen to zero, but it was pretty close. > Again, better to wrote if signed part of message has been altered. Anyone > can add anything after signed part, event. anyone can add a extensions in > case that you does not have signed appropriate mail headers. > If the signature verifies, a verifier can certainly tell that a message was extended beyond the signed part, though it can't tell whether that was added before or after signing. The implementation I did would tell you how much was signed and left it to the consumer to decide what to do with that information. We discussed at some point the idea of providing MUAs with guidance about how to display the signed part as different from the unsigned part, but eventually backed away from giving any sort of general MUA advice like that. -MSK
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
