It appears that Gellner, Oliver via mailop <oliver.gell...@dm.de> said:
>> Yes, I'm sure it does.
>> Using simple/simple canonicalization is not for people who want robust DKIM
>> signatures.
>
>The relaxed canonicalization of DKIM would fix this particular issue, but
>relaxed means both the signer and the verifier have to apply
>modifications to the content before signing/verifying, which might introduce
>new bugs or edge cases. ...

The canonicalization is done as the library computes the hash, not by making a separate version of the message. We've had DKIM libraries doing relaxed signatures for over a decade and I don't ever recall a security bug related to that.

There's a separate question about why relays are munging the headers but it usually comes down to, yeah, we know they shouldn't but it's not a high priority to fix.

R's,
John
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
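
An added illustration of the canonicalization point in this thread, not code from the message or from any DKIM library: the RFC 6376 "simple" and "relaxed" header canonicalizations fed into a running SHA-256, compared across a relay that refolds and re-spaces headers. The header values, the `compare` helper and the plain hash comparison are assumptions for the example; a real verifier also hashes the DKIM-Signature field and checks a public-key signature over the result.

```python
import hashlib
import re

def simple_header(raw: bytes) -> bytes:
    """RFC 6376 3.4.1: 'simple' uses the header field exactly as received."""
    return raw

def relaxed_header(raw: bytes) -> bytes:
    """RFC 6376 3.4.2: 'relaxed' canonicalization of one header field."""
    name, _, value = raw.partition(b":")
    value = re.sub(rb"\r\n(?=[ \t])", b"", value)  # unfold continuation lines
    value = re.sub(rb"[ \t]+", b" ", value)        # collapse WSP runs to one SP
    value = value.strip(b" \r\n")                  # drop WSP around the value
    return name.strip(b" \t").lower() + b":" + value + b"\r\n"

def header_hash(fields, canon) -> str:
    """Feed canonical bytes into the hash; the stored fields are not rewritten."""
    h = hashlib.sha256()
    for field in fields:
        h.update(canon(field))
    return h.hexdigest()

# Constructed sample data (not taken from the thread).
SIGNED = [
    b"From: Alice <alice@example.org>\r\n",
    b"Subject: Quarterly report  for review\r\n",
    b"To: bob@example.net\r\n",
]
# Same content after a relay refolded one field and re-spaced another.
RELAYED = [
    b"From: Alice <alice@example.org>\r\n",
    b"Subject: Quarterly report\r\n\tfor review\r\n",
    b"TO:bob@example.net\r\n",
]
# A change to the content itself, which neither mode tolerates.
ALTERED = SIGNED[:1] + [b"Subject: Quarterly report for approval\r\n"] + SIGNED[2:]

def compare(a, b) -> dict:
    """Report whether the header hashes of a and b match under each mode."""
    return {
        "simple": header_hash(a, simple_header) == header_hash(b, simple_header),
        "relaxed": header_hash(a, relaxed_header) == header_hash(b, relaxed_header),
    }

if __name__ == "__main__":
    print("relay whitespace changes:", compare(SIGNED, RELAYED))
    print("content change:", compare(SIGNED, ALTERED))
```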