On 29/Apr/11 19:56, Dave CROCKER wrote:
> As for the second part, with or without Content-Type, messing with the message
> in any interesting way will break the signature.

I'm not sure what you mean by "second part" and "interesting way". The change to that security consideration section was meant to warn against the attack that John mentioned, that is:

original:

   DKIM-Signature: d=example.com; h=From:From:Subject; l=17; ...
   From: [email protected]
   Subject: unsigned Content-Type follows
   Content-Type: text/plain

   This is signed!

changed by attacker:

   DKIM-Signature: d=example.com; h=From:From:Subject; l=17; ...
   From: [email protected]
   Subject: unsigned Content-Type follows
   Content-Type: multipart/mixed; boundary=boundary

   This is signed!
   --boundary
   Content-Type: text/plain

   Now this is the only visible part of the message, the (invisible) MIME preamble is still signed, the original signature is not broken.
   --boundary--

--
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
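
A verifier-side audit for the condition shown in the message above, added here as an example that is not part of the original post or of any DKIM implementation. The function name, finding labels, sample address and b= value are assumptions, and the raw body length stands in for the canonicalized length that l= actually counts.

```python
from email import message_from_string

def parse_tags(value):
    """Split a DKIM-Signature value into its tag=value pairs."""
    pairs = (item.split("=", 1) for item in value.split(";") if "=" in item)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def audit_l_tag(raw):
    """List the ways a message with an l= signature can be altered unnoticed."""
    msg = message_from_string(raw)
    tags = parse_tags(msg.get("DKIM-Signature", ""))
    if "l" not in tags:
        return []  # whole body is covered by the body hash, nothing to audit
    signed_len = int(tags["l"])
    signed_headers = [h.lower() for h in tags.get("h", "").split(":")]
    # Assumption: raw body octets approximate the canonicalized body that l=
    # counts (exact for simple canonicalization with no trailing empty lines).
    body = raw.split("\r\n\r\n", 1)[1].encode() if "\r\n\r\n" in raw else b""
    findings = []
    if "content-type" not in signed_headers:
        findings.append("content-type-unsigned")     # header can be swapped
    if len(body) > signed_len:
        findings.append("unsigned-body-bytes")       # content past the l= limit
    if msg.get_content_maintype() == "multipart" and msg.get_boundary():
        first = body.find(b"--" + msg.get_boundary().encode())
        if first >= signed_len:
            # Every signed octet sits before the first boundary, i.e. in the
            # MIME preamble that mail clients do not display.
            findings.append("signed-bytes-in-preamble")
    return findings

# Constructed samples modelled on the two messages in the post.
HEADERS = [
    "DKIM-Signature: d=example.com; h=From:From:Subject; l=17; b=placeholder",
    "From: user@example.com",
    "Subject: unsigned Content-Type follows",
]
ORIGINAL = "\r\n".join(HEADERS + ["Content-Type: text/plain", "", "This is signed!", ""])
ALTERED = "\r\n".join(HEADERS + [
    "Content-Type: multipart/mixed; boundary=boundary", "",
    "This is signed!", "--boundary", "Content-Type: text/plain", "",
    "Only this part is displayed.", "--boundary--", ""])

if __name__ == "__main__":
    print(audit_l_tag(ORIGINAL))
    print(audit_l_tag(ALTERED))
```

The original message already yields the content-type-unsigned finding, which is the precondition the security consideration warns about; the altered one adds the two findings that show the signed text is no longer what a reader sees.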
