On August 17, 2005 at 19:29, Tony Finch wrote: > > How do you look for the first signature that matters? If the first > > (however you decide to examine the message headers -- top-to-bottom, > > bottom-to-top, random?) DKIM-Signature lists another DKIM-Signature > > as the list of fields included in the signature, which DKIM-Signature > > field should be included during the crypto verification process? > > The DKIM-Signature field which lists one fewer DKIM-Signature field in its > list of signed header fields.
This assumes that a signer will always sign all existing DKIM-Signature fields present and that re-ordering has not happened. --ewh _______________________________________________ ietf-dkim mailing list http://dkim.org
