Re: [exim] dkim signature is including empty headers, seems…

Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] dkim signature is including empty headers, seems like it shouldn't be
Heiko Schlittermann via Exim-users <exim-users@???> (Thu 26 Oct 2017 10:49:18 CEST):
> Richard Clayton via Exim-users <exim-users@???> (Thu 26 Oct 2017 10:23:20 CEST):
> …
> > note that some people sign
> >
> >         Subject:Subject
> >
> > and similar so that if a second Subject is added (which is of course not
> > standards compliant, but some mail systems will display a second subject
> > in preference to the first one [and vice versa]) and so they wish to
> > guard against this
>
> How does signing subject:subject scale if there is a 2+Nth subject?


Answered (thanks to jgh, pointing me to the RFC). The 2nd subject of
that list signs the non-existence of a 2nd subject line. Thus the
signature verification would fail as soon as someone adds another (2nd,
3rd, ..) subject later.

But, what if the sender intentionally put there two subject lines, then
you'd need subject:subject:subject in the list of headers to be signed.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
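
The header selection rule discussed in this thread (RFC 6376, section 5.4), as an added example that is not part of the original post and not Exim's code: each repeat of a name in h= takes the next instance upward from the bottom of the header block, and a name with no instance left is signed as the null string. The function names, the sample messages and the simplified hashing (no body hash, no DKIM-Signature header) are assumptions made for illustration.

```python
import hashlib

def select_signed_headers(headers, h_tag):
    """Map each name in h= to a header instance, as RFC 6376 section 5.4 describes.

    headers: list of (name, value) in message order, top to bottom.
    Each repeat of a name in h= takes the next instance going upward from the
    bottom; a name with no instance left is signed as the null string (None).
    """
    unused = {}
    for index, (name, _) in enumerate(headers):
        unused.setdefault(name.lower(), []).append(index)
    selected = []
    for name in (n.strip().lower() for n in h_tag.split(":")):
        indexes = unused.get(name, [])
        selected.append(headers[indexes.pop()] if indexes else (name, None))
    return selected

def header_digest(headers, h_tag):
    """SHA-256 over the selected headers only (simplified: no body hash, no
    DKIM-Signature header, whitespace handling reduced to collapsing runs)."""
    data = ""
    for name, value in select_signed_headers(headers, h_tag):
        if value is not None:  # the null string adds nothing to the hash input
            data += f"{name.lower()}:{' '.join(value.split())}\r\n"
    return hashlib.sha256(data.encode()).hexdigest()

# Constructed sample messages.
ORIGINAL = [("From", "sender@example.org"), ("Subject", "Invoice 42")]
# A second Subject added in transit, above the signed one.
MODIFIED = [("Subject", "Different text")] + ORIGINAL
# A sender who really emits two Subject lines.
TWO_SUBJECTS = [("Subject", "first"), ("Subject", "second")]

def still_verifies(h_tag, signed=ORIGINAL, received=MODIFIED):
    """True if the header hash is unchanged, i.e. the change goes unnoticed."""
    return header_digest(signed, h_tag) == header_digest(received, h_tag)

if __name__ == "__main__":
    print("h=from:subject          ->", still_verifies("from:subject"))
    print("h=from:subject:subject  ->", still_verifies("from:subject:subject"))
    print(select_signed_headers(TWO_SUBJECTS, "subject:subject:subject"))
```

With two intentional Subject lines, the third `subject` entry is the one that resolves to the null string and so covers any Subject added later.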