PHWinfo - Afficher un message

31/10/2006, 22h37

Bill Seligman wrote:
> I've been trying to get DomainKeys to work on my mail server. I know
> this is not the DKIM newsgroup, but there's one issue I'd like to know
> about before I dismiss it as the cause of the problem.
>
> My mail server breaks up long headers with "\r\t" characters. Here's an
> example of what I mean:
>
> DomainKey-Signature: a=rsa-sha1; s=mail; d=nevis.columbia.edu; c=simple;
> q=dns;
> b=jXOJ3HiGQX+GP/t0eaAkXa0tHj4jZbs1jlI1xK9F4dhzHhHfNqa9PF7MvWf+kP0j K
> xALUc16S1FBwbSehokU4w==
>
> As you can see, the "b=" field (containing the DomainKey signature
> information) has been broken into two lines.

The format of mail headers (and the folding and unfolding of long
headers) is defined in rfc2822. Normaly can folding only be done
at a place in the header with existing whitespace.

But see the definition of the DomainKey-Signature header at
http://www.ietf.org/internet-drafts/...ys-base-06.txt

INTERNET DRAFT Mark Delany
Title: draft-delany-domainkeys-base-06.txt Yahoo! Inc
Expires: 24 January 2007 25 July 2006

Domain-based Email Authentication Using Public Keys
Advertised in the DNS (DomainKeys)

[...]

For extensibility, the "DomainKey-Signature:" header contains
tag=value pairs separated by semicolons, e.g.:

DomainKey-Signature: a=rsa-sha1; s=brisbane; d=example.net;
q=dns; c=simple

The current valid tags are:

a = The algorithm used to generate the signature. The default is
"rsa-sha1", an RSA signed SHA1 digest. Signers and verifiers
MUST support "rsa-sha1".

b = The signature data, encoded as a Base64 string. This tag MUST
be present.

Whitespace is ignored in this value and MUST be removed when
re-assembling the original signature. This is another way of
saying that the signing process can safely insert folding
whitespace in this value to conform to line-length limits.

[...]

So there is nothing wrong with your header as far as I can see.

Kees.

--
Kees Theunissen.

31/10/2006, 22h37	#2
Kees Theunissen Messages: n/a Hébergeur:	Re: Formatting of mail headers Bill Seligman wrote: > I've been trying to get DomainKeys to work on my mail server. I know > this is not the DKIM newsgroup, but there's one issue I'd like to know > about before I dismiss it as the cause of the problem. > > My mail server breaks up long headers with "\r\t" characters. Here's an > example of what I mean: > > DomainKey-Signature: a=rsa-sha1; s=mail; d=nevis.columbia.edu; c=simple; > q=dns; > b=jXOJ3HiGQX+GP/t0eaAkXa0tHj4jZbs1jlI1xK9F4dhzHhHfNqa9PF7MvWf+kP0j K > xALUc16S1FBwbSehokU4w== > > As you can see, the "b=" field (containing the DomainKey signature > information) has been broken into two lines. The format of mail headers (and the folding and unfolding of long headers) is defined in rfc2822. Normaly can folding only be done at a place in the header with existing whitespace. But see the definition of the DomainKey-Signature header at http://www.ietf.org/internet-drafts/...ys-base-06.txt INTERNET DRAFT Mark Delany Title: draft-delany-domainkeys-base-06.txt Yahoo! Inc Expires: 24 January 2007 25 July 2006 Domain-based Email Authentication Using Public Keys Advertised in the DNS (DomainKeys) [...] For extensibility, the "DomainKey-Signature:" header contains tag=value pairs separated by semicolons, e.g.: DomainKey-Signature: a=rsa-sha1; s=brisbane; d=example.net; q=dns; c=simple The current valid tags are: a = The algorithm used to generate the signature. The default is "rsa-sha1", an RSA signed SHA1 digest. Signers and verifiers MUST support "rsa-sha1". b = The signature data, encoded as a Base64 string. This tag MUST be present. Whitespace is ignored in this value and MUST be removed when re-assembling the original signature. This is another way of saying that the signing process can safely insert folding whitespace in this value to conform to line-length limits. [...] So there is nothing wrong with your header as far as I can see. Kees. -- Kees Theunissen.