On 19/Oct/11 15:56, Murray S. Kucherawy wrote: > > The canonicalized form is truncated by whatever "l=" says, if it's > present. If two signatures use the same canonicalization and have > the same "l=" value (or absence thereof), then the body > canonicalization is the same. In any other case, they're > different. For the common factoring you're after to work, you'd > need a way to say "this canonicalized for applies to this set of > signatures, but not the others". That sounds like it could get > horribly messy.
DKIM-Canonicalized-Body is not required, but that is not the same as saying that the first part of it suffices. For example, if l=0 or the body is empty, the spec says it should be canonicalized to a CRLF. >> In any case, the contents of the report's A-R ought to be specified >> and exemplified in the I-D, IMHO. > > Isn't it safe to assume any negative result in the A-R portion is > the reason for sending the report? Sure, but "negative" ought to be defined, and it should be comparable with the ro= values defined by the relevant per-method specs (which may change between report generation and reception.) With multiple reports, can the Auth-Failure field help determining why a report was generated? It is important for people who need to fine tune their ro=. _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
