Which is just the opposite of what I expected. I'm willing to change my
implementation to use this interpretation instead, but I think this
clarification by itself is reason enough to get a -02 out as quickly as
possible.
Tony Hansen
[EMAIL PROTECTED]
Murray S. Kucherawy wrote:
> Tony Hansen wrote:
>>> This paragraph should be ignored completely. It should have been
>>> removed.
>> ...
>> The signature in -00 was generated from "header CRLF body CRLF
>> dkim-signature". Now I expect it to be generated from "header CRLF
>> dkim-signature". That is, the "body CRLF" disappears, but not *both*
>> CRLFs.
>>
>> Am I wrong?
>
> My understanding after talking to Eric:
>
> The body hash is of the body only; no extra CRLFs and no signature.
>
> The header hash contains the headers to be signed (if signing) or the
> headers replayed according to the "h=" tag value (if verifying),
> followed by the signature being evaluated (if verifying) or generated
> (if signing) minus the "b=" value. Again, no extra CRLFs.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
