Hi!
How about multiple b=, like this:
DKIM2-Signature: i=1; d=example.com; b=hash1:signature1:selector1;
b=hash2:signature2:selector2; ...
I.e. allow multiple b= and combine bh and selector into the signature
(bh too as to allow for different hash algorithms as determined per
selector)? The format itself could be without hard format-defined limit,
but the standard should probably set technical limits (signers MAY NOT
add more than 10 signatures, verifiers SHOULD accept up to 10
signatures, or something)?
Or
bh1=hash1;bh2=hash2;b=1:signature1:selector1;b=1:signature2:selector2;b=2:signature3:selector3
So hash values can be reused if the hash is the same for 2 signature
schemes (like rsa-sha256 and ed25519-sha256) but could eventually be
different for a third one (say, somepq-sha3)? The numbers directly after
b= would reference the digit suffix for bhN.
Hannah.
On 7/15/25 03:10, John Levine wrote:
It appears that Wei Chuang <[email protected]> said:
-=-=-=-=-=-
On Thu, Jul 10, 2025 at 1:42 PM Allen Robinson <arobins=
[email protected]> wrote:
Assuming there ends up being support for multiple signatures within a
single header field to support algorithm dexterity, a less DNS-impacting
option could be to have multiple selector+signature pairs within the field.
This would allow us to keep the single key per record structure of DKIM.
Something like this:
DKIM2-Signature: i=1; d=google.com; s=rsakeysel; bh=RSA_SIG;
s2=ed25519keysel; bh2=ED25519_SIG
With this approach, will there be a fixed number of alternative keys per
signature? For example if there are only two allowed, could we then only
have to specify statically "s" and "s2" and similarly "bh" and "bh2"?
While more than two signatures seems sort of unlikely, if we're going to allow
multiple signatures, we might as well allow an arbitrary number up to some
high limit like 10 and allow s2 through s9 or whatever.
I wouldn't think it'd be much harder to check N signatures than to
check 2. I suppose a malicious person could add a whole lot of fake
signatures as a DoS attack but that's not new; one large mail provider
says they see mail with a hundred DKIM-Signature headers now.
R's,
John
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
--
Hannah Stern Mail System Development
www.mail-and-media.com 1&1 Mail & Media Development & Technology GmbH
[email protected] Brauerstraße 48 76135 Karlsruhe Germany
+49 721 91374-4519
Hauptsitz Montabaur, Amtsgericht Montabaur, HRB 5452
Geschäftsführer: Alexander Charles, Dr. Michael Hagenau, Dana Kraft,
Thomas Ludwig
Member of United Internet
Diese E-Mail kann vertrauliche und/oder gesetzlich geschützte
Informationen enthalten. Wenn Sie nicht der bestimmungsgemäße Adressat
sind oder diese E-Mail irrtümlich erhalten haben, unterrichten Sie
bitte den Absender und vernichten Sie diese E-Mail. Anderen als dem
bestimmungsgemäßen Adressaten ist untersagt, diese E-Mail zu speichern,
weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden.
This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient of this e-mail, you are hereby notified
that saving, distribution or use of the content of this e-mail in any
way is prohibited. If you have received this e-mail in error, please
notify the sender and delete the e-mail.
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
