> -----Original Message-----
> From: [email protected] [mailto:ietf-dkim-
> [email protected]] On Behalf Of Michael Ströder
> Sent: Thursday, May 06, 2010 4:51 AM
> To: [email protected]
> Subject: [ietf-dkim] Clarification needed for "Computing the Message
> Hashes"
>
> Hi!
>
> I wondered about a sentence in section 3.7. of RFC 4871:
>
>    [..] The header field MUST be presented to
>    the hash algorithm after the body of the message rather than with
>    the rest of the header fields and [..]
>
> http://www.dkim.org/specs/rfc4871-dkimbase.html#hashing
>
> What does "the body of the message" mean exactly? The 1. body-hash or
> really 2. the whole message body (again)?
>
> The more formal description implies 1.:
>
>    body-hash = hash-alg(canon_body)
>    header-hash = hash-alg(canon_header || DKIM-SIG)
>    signature = sig-alg(header-hash, key)

You're computing two hashes. The first is a hash over the signed header fields (which gets stored in the "bh="), and the second is over the body followed by the (incomplete) DKIM-Signature header field.

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
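The formal description quoted in the question (`body-hash`, then `header-hash` over `canon_header || DKIM-SIG`), worked through in Python as an added example that is not part of the original thread or of RFC 4871. It assumes `c=simple/simple` and `a=rsa-sha256`; the message, the domain `example.com` and the selector `sel` are constructed sample values, and the final `sig-alg` step is left out because it needs a private key.

```python
import base64
import hashlib

CRLF = b"\r\n"

def canon_body_simple(body: bytes) -> bytes:
    """'simple' body canonicalization: drop trailing empty lines, end with one CRLF."""
    while body.endswith(CRLF + CRLF):
        body = body[:-2]
    return body if body.endswith(CRLF) else body + CRLF

def body_hash(body: bytes) -> bytes:
    """body-hash = hash-alg(canon_body), base64-encoded as carried in the bh= tag."""
    return base64.b64encode(hashlib.sha256(canon_body_simple(body)).digest())

def header_hash_input(header_lines, signed_names, body,
                      domain=b"example.com", selector=b"sel") -> bytes:
    """canon_header || DKIM-SIG: the signed fields in h= order, then the
    DKIM-Signature field with b= empty and without a trailing CRLF."""
    # Assumption: each signed field occurs once; 'simple' keeps header lines as-is.
    by_name = {line.split(b":", 1)[0].lower(): line for line in header_lines}
    signed = b"".join(by_name[name.lower()] + CRLF for name in signed_names)
    dkim_sig = (b"DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=" + domain
                + b"; s=" + selector + b"; h=" + b":".join(signed_names)
                + b"; bh=" + body_hash(body) + b"; b=")
    return signed + dkim_sig

def header_hash(header_lines, signed_names, body) -> bytes:
    """header-hash; sig-alg(header-hash, key) would sign this digest."""
    return hashlib.sha256(header_hash_input(header_lines, signed_names, body)).digest()

# Constructed sample message (not taken from the thread).
HEADERS = [b"From: alice@example.com", b"To: bob@example.net", b"Subject: test"]
SIGNED = [b"From", b"Subject"]
BODY = b"Hello, world.\r\n\r\n\r\n"

if __name__ == "__main__":
    print("bh =", body_hash(BODY).decode())
    print(header_hash_input(HEADERS, SIGNED, BODY).decode())
    print("header-hash =", header_hash(HEADERS, SIGNED, BODY).hex())
```

The body bytes enter the second hash only through the `bh=` value inside the DKIM-Signature field, so any change to the body changes `header-hash` as well.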
