RFC Errata
RFC 6376, "DomainKeys Identified Mail (DKIM) Signatures", September 2011
Note: This RFC has been updated by RFC 8301, RFC 8463, RFC 8553, RFC 8616
Source of RFC: dkim (sec)See Also: RFC 6376 w/ inline errata
Errata ID: 5252
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Alastair Houghton
Date Reported: 2018-02-02
Verifier Name: Barry Leiba
Date Verified: 2019-04-30
Section 3.7 says:
More formally, pseudo-code for the signature algorithm is:
body-hash = hash-alg (canon-body, l-param)
data-hash = hash-alg (h-headers, D-SIG, body-hash)
signature = sig-alg (d-domain, selector, data-hash)
where:
body-hash: is the output from hashing the body, using hash-alg.
hash-alg: is the hashing algorithm specified in the "a" parameter.
canon-body: is a canonicalized representation of the body, produced
using the body algorithm specified in the "c" parameter,
as defined in Section 3.4 and excluding the
DKIM-Signature field.
l-param: is the length-of-body value of the "l" parameter.
data-hash: is the output from using the hash-alg algorithm, to hash
the header including the DKIM-Signature header, and the
body hash.
h-headers: is the list of headers to be signed, as specified in the
"h" parameter.
D-SIG: is the canonicalized DKIM-Signature field itself without
the signature value portion of the parameter, that is, an
empty parameter value.
It should say:
More formally, pseudo-code for the signature algorithm is:
body-hash = hash-alg (canon-body, l-param)
data-hash = hash-alg (h-headers, D-SIG)
signature = sig-alg (d-domain, selector, data-hash)
where:
body-hash: is the output from hashing the body, using hash-alg.
hash-alg: is the hashing algorithm specified in the "a" parameter.
canon-body: is a canonicalized representation of the body, produced
using the body algorithm specified in the "c" parameter,
as defined in Section 3.4 and excluding the
DKIM-Signature field.
l-param: is the length-of-body value of the "l" parameter.
data-hash: is the output from using the hash-alg algorithm, to hash
the header including the DKIM-Signature header, and the
body hash.
h-headers: is the list of headers to be signed, as specified in the
"h" parameter.
D-SIG: is the canonicalized DKIM-Signature field itself without
the signature value portion of the parameter, that is, an
empty parameter value, with no trailing CRLF.
Notes:
data-hash does not include body-hash (body-hash is already included by virtue of the "bh=" tag in D-SIG). Also, D-SIG should not include the trailing CRLF, unlike the headers in h-headers.