On 20 Apr 2019, at 6:38, Ralph Seichter wrote:
Signing a non-existing (!) header. Right. Mind if I watch? :-)
There's no need to watch, if you can imagine what it would look like from the description in the specification of how to include non-existent headers in a signature.
The purpose of "over-signing" headers (you can also explicitly include multiple instances of any header) is to signal the addition of particular headers that might be misleading in forwarded or otherwise manipulated messages.
DKIM has features which reflect more concern for conceptual "vulnerabilities" than operational robustness. The mere existence of the 'simple' header canonicalization scheme is an example of this: it is broken by semantically null transformations that may be required in transit. One could argue that the 'relaxed' canonicalization is only slightly better, as it is broken by fix-up of addresses and address lists (e.g. To, Cc) which are in formal violation of RFC822 et seq.
-- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Available For Hire: https://linkedin.com/in/billcole
