RFC Errata
RFC 4871, "DomainKeys Identified Mail (DKIM) Signatures", May 2007
Note: This RFC has been obsoleted by RFC 6376
Note: This RFC has been updated by RFC 5672
Source of RFC: dkim (sec)See Also: RFC 4871 w/ inline errata
Errata ID: 1487
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Murray S. Kucherawy
Date Reported: 2008-08-14
Verifier Name: Pasi Eronen
Date Verified: 2009-05-14
Section 3.6.1 says:
v= Version of the DKIM key record (plain-text; RECOMMENDED, default is "DKIM1"). If specified, this tag MUST be set to "DKIM1" (without the quotes). This tag MUST be the first tag in the record. Records beginning with a "v=" tag with any other value MUST be discarded. Note that verifiers must do a string comparison on this value; for example, "DKIM1" is not the same as "DKIM1.0". ABNF: key-v-tag = %x76 [FWS] "=" [FWS] "DKIM1"
It should say:
v= Version of the DKIM key record (plain-text; RECOMMENDED, default is "DKIM1"). If specified, this tag MUST be set to "DKIM1" (without the quotes). This tag MUST be the first tag in the record. Records beginning with a "v=" tag with any other value MUST be discarded. Note that verifiers must do a string comparison on this value; for example, "DKIM1" is not the same as "DKIM1.0". ABNF: key-v-tag = %x76 [FWS] "=" [FWS] %x44 %x4B %x49 %x4D %x31
Notes:
RFC5234 section 2.3 says string literals in ABNF are case-insensitive. However, RFC4871 section 3.2 says tag values are case-sensitive unless stated otherwise. This renders the defintion of "v=" in section 3.6.1 of this RFC ambiguous.
Therefore, one interpretation of "DKIM1" here allows "dkim1" and one does not.
Either the "case-sensitive" nature of tag values should be changed, or the ABNF needs to be revised to be more precise.