RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4871, "DomainKeys Identified Mail (DKIM) Signatures", May 2007

Note: This RFC has been obsoleted by RFC 6376

Source of RFC: dkim (sec)

Errata ID: 1380
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Tony Hansen
Date Reported: 2008-03-21
Held for Document Update by: Pasi Eronen

Section 3.5 says:

       INFORMATIVE NOTE: The "x=" tag is not intended as an anti-replay
           defense.

It should say:

       INFORMATIVE NOTE: The "x=" tag is not intended as an anti-replay
           defense.
       INFORMATIVE NOTE: Due to clock drift, the receiver’s notion of 
when to consider the signature expired may not match exactly when the 
sender is expecting. Receiver’s MAY add a 'fudge factor' to allow for 
such possible drift.

Notes:

From the October 2008 interop event:

When does x= take effect?
* §3.5 says the “x=” value is an “absolute date”
* A receiver’s notion of absolute time might not match the sender’s notion of absolute time
* The document may not expire exactly when sender thinks it should
* A receiving implementation has these choices:
- Try to decide how far apart sender’s notion of absolute time is from the receiver’s notion of absolute time, based on header information
- Use local knowledge of what the absolute time is
- Add in a “fudge factor” to acknowledge possible clock drift

Report New Errata