[exim-dev] [Bug 1310] Add an option to specify the headers t…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: admin
Datum:  
To: exim-dev
Alte Treads: [exim-dev] [Bug 1310] New: Add an option to specify the headers that should be used for DKIM signatures
Betreff: [exim-dev] [Bug 1310] Add an option to specify the headers that should be used for DKIM signatures
https://bugs.exim.org/show_bug.cgi?id=1310

Jeremy Harris <jgh146exb@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|--                          |Exim 4.88+


--- Comment #8 from Jeremy Harris <jgh146exb@???> ---
Not quite, as I read it. We'll need to edit the to-be-signed list of headers
as
new headers are noticed, for each match a) adding to the signed block (and h=)
and b) knocking that header out of the list. Then when we run out of message,
add (once) to h= any remaining in the list.

This gets us
- only headers in the list are signed
- headers can be listed in duplicate
- non-present, but listed, headers are "signed" as absent

I'm not seeing that we need any further options. The current coding produces
a signed message which is self-consistent (signing vs. h= declaration of
signing) but is not a full implementation (does not support oversigning; indeed
misses doing it in a great preponderance of cases - non-mailinglist messages).
The proposed solution will still be self-consistent (so verifiers should still
verify) but will have that support.

I don't think the extra use-case noted in #c2 is worth supporting.

We might think about the other direction: always oversigning (all? some
specified
list of?) headers, however many there are of a given one. But probably that's
not this bug number.

--
You are receiving this mail because:
You are on the CC list for the bug.