Dear John and all!

On 7/15/25 03:06, John Levine wrote:
> It appears that Hannah Stern <[email protected]> said:
>> 1) Find in the message which of the recommended header fields are
>> present. Read the header fields in the order found in the recommended
>> header field list,
>>
>> I'd suggest sorting headers by case-insensitive lexical sort of header
>> field keys, and within the same key, by original order in the header.
>
> But that still screws up if a helpful relay switches the order
> of two fields with the same key.

Do we have that issue? That would already break DKIM1, even if the
signature commits to only one copy (which would be the bottom one) of a
field key. Once a relay reorders headers, the signature would be checked
against a different copy of the field than what the signer committed to.

But if that's an issue:

> Just do a case-insensitive sort of all of the header fields that
> go into the hash.

I'd be fine with that with one caveat: We'd need to specify how to break
the ties between, for example,

  Foo: bar
  foo: bar
  Foo: Bar
  foo: Bar

>> I'd suggest removing the reversal (bottom to top).
>
> Agreed. Or if that's really what people want, reverse the sort order.

I'd probably ask myself why but if it's better for some...

[...]

> I think we agree here, give or take my nit about sorting the full header fields.

Yes. And given that you may have longer and more experience with weird
things relays do, and if you say this is an issue, I'd be very ok with
your "nit" and just sort the full fields.

We'd just need to specify tie-breaking (see above). And when to sort
(before or after "relaxed" canonicalization). If after "relaxed", the
tie-breaking will be needed only for field bodies, after keys/field
names are case-folded to lowercase. Perhaps after canonicalization, we could
sort case-sensitively (lexicographically by octets) in fact?

> R's,
> John

Kind regards,
Hannah.
--
Hannah Stern Mail System Development
www.mail-and-media.com 1&1 Mail & Media Development & Technology GmbH
[email protected] Brauerstraße 48 76135 Karlsruhe Germany
+49 721 91374-4519
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
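
An added illustration of the two orderings discussed in this message (not code from the thread or from any DKIM draft): it applies RFC 6376 "relaxed" header canonicalization, then compares a sort on the field name only against an octet-wise sort of the whole canonicalized field. The function names, the sample header fields and the use of SHA-256 are assumptions made for the example.

```python
import hashlib
import re

def relaxed(field: bytes) -> bytes:
    """RFC 6376 section 3.4.2 "relaxed" canonicalization of one header field."""
    name, _, body = field.partition(b":")
    body = re.sub(rb"\r\n(?=[ \t])", b"", body)               # unfold continuation lines
    body = re.sub(rb"[ \t]+", b" ", body).strip(b" \t\r\n")   # collapse runs of WSP, trim ends
    return name.strip(b" \t").lower() + b":" + body + b"\r\n"

def order_by_name(fields):
    """Sort on the case-folded field name only; same-name fields keep message order."""
    return sorted((relaxed(f) for f in fields), key=lambda f: f.split(b":", 1)[0])

def order_full(fields):
    """Canonicalize first, then sort whole fields lexicographically by octets."""
    return sorted(relaxed(f) for f in fields)

def digest(ordered):
    """Hash of the concatenated fields (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(b"".join(ordered)).hexdigest()

# Constructed sample: header fields as signed, then as seen after a relay
# swapped the two fields that share a name.
SIGNED = [b"Subject: hello\r\n", b"Foo: bar\r\n", b"foo: Bar\r\n",
          b"From: a@example.org\r\n"]
RELAYED = [SIGNED[0], SIGNED[2], SIGNED[1], SIGNED[3]]
# The four tie-break candidates listed in the message.
TIES = [b"Foo: bar\r\n", b"foo: bar\r\n", b"Foo: Bar\r\n", b"foo: Bar\r\n"]

if __name__ == "__main__":
    print("name-only sort survives reorder:",
          digest(order_by_name(SIGNED)) == digest(order_by_name(RELAYED)))
    print("full-field sort survives reorder:",
          digest(order_full(SIGNED)) == digest(order_full(RELAYED)))
    print("ties after relaxed + octet sort:", order_full(TIES))
```

After relaxed canonicalization the four candidates collapse to two distinct octet strings, so identical copies are interchangeable and only the field bodies decide the order.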