RFC 6376 compliance

Open timcoote opened this issue 1 year ago • 0 comments

Thanks for this, one of the best explanations of the details of DKIM that I've found - and useful as there are some odd DKIM signature fails.

One thing that I'm not clear on. Line 219 of README.md, in a section on relaxed header canonicalization: `- remove duplicate entrys (like the to:to:)`, and the supporting code in `hash_headers`: `header_to_hash_list.remove(header) # strip duplicate header like the from`

seem to me to be in contradiction with the RFC, which says in section 3.5, in the section discussing the h= tag in the DKIM-Signature header field: "The field MAY contain multiple instances of a header field name, meaning multiple occurrences of the corresponding header field are included in the header hash."

And if the duplication is allowed, the signature does fail.

Is this a bug in the example (+ the system that signed the example email), or have I got something wrong?

timcoote · Apr 14 '24 12:04
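Added example, not part of the issue or the project's code: a sketch of how RFC 6376 (sections 3.4.2, 5.4 and 5.4.2) selects header fields when h= repeats a name, compared with an h= list whose repeats were dropped. The sample headers, the function names and the `dedupe_h_tag` stand-in are constructed for illustration, and the DKIM-Signature field itself, which a real verifier appends to the hash input, is left out.

```python
import hashlib
import re

def relaxed_header(name, value):
    """Relaxed header canonicalization (RFC 6376 section 3.4.2)."""
    value = re.sub(r"\r\n(?=[ \t])", "", value)        # unfold continuation lines
    value = re.sub(r"[ \t]+", " ", value).strip(" ")   # collapse and trim WSP
    return f"{name.strip().lower()}:{value}\r\n".encode()

def select_signed_headers(headers, h_tag):
    """Pick header fields for the hash in h= order.

    Each occurrence of a name in h= consumes one more instance of that
    field, counted from the bottom of the header block upward (5.4.2).
    A name with no instance left contributes the null string (5.4).
    """
    remaining = {}
    for name, value in headers:                 # message order, top to bottom
        remaining.setdefault(name.lower(), []).append((name, value))
    selected = []
    for wanted in (n.strip().lower() for n in h_tag.split(":")):
        stack = remaining.get(wanted)
        # pop() takes the bottom-most instance that is still unused
        selected.append(relaxed_header(*stack.pop()) if stack else b"")
    return selected

def header_digest(headers, h_tag):
    """SHA-256 over the selected fields only (DKIM-Signature field omitted)."""
    return hashlib.sha256(b"".join(select_signed_headers(headers, h_tag))).hexdigest()

def dedupe_h_tag(h_tag):
    """Hypothetical stand-in for dropping repeated names from h=."""
    names = [n.strip().lower() for n in h_tag.split(":")]
    return ":".join(dict.fromkeys(names))

# Constructed sample: two To: fields, signed with a repeated "to" in h=
SAMPLE = [
    ("From", "Alice <alice@example.org>"),
    ("To", "bob@example.org"),
    ("To", "carol@example.org"),
    ("Subject", "  hello \t world "),
]
H_TAG = "from:to:to:subject:from"

if __name__ == "__main__":
    for line in select_signed_headers(SAMPLE, H_TAG):
        print(repr(line))
    print("h= as signed :", header_digest(SAMPLE, H_TAG))
    print("h= deduped   :", header_digest(SAMPLE, dedupe_h_tag(H_TAG)))
```

With two To: fields present, the two digests differ, so a verifier that hashes the deduplicated list cannot reproduce a signature made over the repeated one. The trailing second `from` adds nothing to the hash input here, but it would make a later-added From: field break verification.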