Murray,
> Authentication-Results is defined in RFC5451, and the possible DKIM values
> are listed there.  The "header.b" extension was added in RFC6008.
> ADSP is defined in RFC5617, and it adds the "dkim-adsp" values.
Toying a bit with OpenDKIM 2.3.0 and RFC 6008 I noticed that the
opendkim can be lured into copying a long b tag from a signature
into its A-R header field (using a duplicated signature), e.g.:
Authentication-Results: mail.ijs.si; dkim=pass (1024-bit key)
        header.i=_at_ijs.si
        
header.b=Dkqr86W+4ro5X4+joacSRJyVkH9+8duNNxXZCYEZjec8Kjo7x4ifvWRtYUhw0hYfNPXrSITyWFpYqnYTjsqW58ZHdoh4vNSfUMTIPgcSK0MS5ETG8h+80loeQjr0crAx791AnnlOi71wi9SxogbLSuF7alw8DSfKmx2a9C37d9Y=;
        dkim-adsp=pass
That makes a 184-character header line, which exceeds the recommended
(SHOULD) size of 78 in RFC 5322. I didn't check if a 998 char limit could
be exceeded in this way.
The  RFC 6008 doesn't say anything about a possibility of adding FWS into
the header.b . According to RFC 5451 one could use a quoted-string for
this purpose which may embed FWS, but there is no semantic note
saying that such FWS in a quoted-string of header.b could be ignored.
So, is this a specification problem, or an implementational one?
Btw, it would be nice if  RFC 5451 would mandate or at least recommend
that the A-R subfields or separate A-R header fields regarding DK/DKIM
signatures should follow the order of signatures in a mail header section.
The A-R is already declared a trace field, so adding a word on its
internal order would even eliminate the need for RFC 6008.
  Mark
Received on Tue Mar 01 2011 - 18:25:28 PST
This archive was generated by hypermail 2.2.0+W3C-0.50 : Sun May 15 2011 - 15:58:21 PST