On Sat, 5 Apr 2025, Alessandro Vesely wrote:
If we could just say these headers only occur once, if you see two just
give up, it makes the process somewhat simpler and more importantly ends
the argument about oversigning.
This argument overlaps with the idea of having those header fields silently
implied in the signature, with h= only mentioning possible extra fields.
That makes no sense. Whuch headers we sign and how many instances of them
we sign are completely orthogonal.
On the other hand, I was looking at the modification algebra document. It
implicitly assumes that the headers that are being modified occur only
once. As part of our strawman, let's assume both that lithere's a set of
headers that can only occur once, you can't sign a message or verify a
signature if any more them occur more than once, and they're the only ones
that can be modified.
If people say this won't work, I would appreciate plausible examples of
something a signer would want to do but couldn't with emphasis on
plausible.
R's,
John
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
