https://bugs.exim.org/show_bug.cgi?id=2179
Jeremy Harris <jgh146exb@???> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Jeremy Harris <jgh146exb@???> ---
RFC4871
5.5. Recommended Signature Content
[...]
The following header fields SHOULD be included in the signature, if
they are present in the message being signed:
o From (REQUIRED in all signatures)
o Sender, Reply-To
o Subject
o Date, Message-ID
o To, Cc
o MIME-Version
o Content-Type, Content-Transfer-Encoding, Content-ID, Content-
Description
o Resent-Date, Resent-From, Resent-Sender, Resent-To, Resent-Cc,
Resent-Message-ID
o In-Reply-To, References
o List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post,
List-Owner, List-Archive
5.4. Determine the Header Fields to Sign
[...]
Signers MAY claim to have signed header fields that do not exist
(that is, signers MAY include the header field name in the "h=" tag
even if that header field does not exist in the message). When
computing the signature, the non-existing header field MUST be
treated as the null string (including the header field name, header
field value, all punctuation, and the trailing CRLF).
INFORMATIVE RATIONALE: This allows signers to explicitly assert
the absence of a header field; if that header field is added later
the signature will fail.
--
You are receiving this mail because:
You are on the CC list for the bug.
