dkim_verifier
dkim_verifier copied to clipboard
RFC 8601: update reading of Authentication-Results to new RFC
Current logic for Authentication-Results header is based on RFC 7601.
There exist a newer RFC 8601. No analysis yet done what changed, and how it affects the add-on.
Relevant changes between RFC 7601 and RFC 8601:
- Added IANA registration for DKIM "a" and "s" properties. (https://www.iana.org/assignments/email-auth/email-auth.xhtml)
- Added support for Internationalized Email (see also #163)
- Section 1.5.2.
- Formal Definition changes
- Comparison of
authserv-id
should be done after converting A-labels into U-labels (see section 5.)
Currently looking into the added Internationalized Email support. If anyone has any real world example e-mails, please send them to me via e-mail. Thanks.
The a
property in an ARH is now recognized and handled (i.e. check if the weak rsa-sha1
algorithm is used).
The s
property is still ignored, as it is also currently not used in the DKIM verification besides for the retrieval of the DKIM key.
I however decided to keep proper support for Internationalized Email out of the 4.2.0 release. Some partial support is now included and can be enabled with a hidden setting. Please let me know if anyone encounters a real world example (and best provide it to me). This certainly would increase to me the priority of implementing proper support for Internationalized Email.