[GH-ISSUE #87] Does simple/simple (normalizing) break S/MIME? #68

New issue

Closed

opened 2026-02-26 10:35:35 +03:00 by kerem · 2 comments

kerem commented 2026-02-26 10:35:35 +03:00

Owner

Copy link

Originally created by @Pro on GitHub (May 8, 2015).
Original GitHub issue: https://github.com/Pro/dkim-exchange/issues/87

If canonicalization simple is used, it may break an already existing S/MIME signature because the body is changed (i.e. line endings and header names are normalized according to the DKIM RFC)

This needs further investigation. See also #86

Originally created by @Pro on GitHub (May 8, 2015). Original GitHub issue: https://github.com/Pro/dkim-exchange/issues/87 If canonicalization `simple` is used, it may break an already existing S/MIME signature because the body is changed (i.e. line endings and header names are normalized according to the DKIM RFC) This needs further investigation. See also #86

kerem 2026-02-26 10:35:35 +03:00

• closed this issue
• added the
  question
  agent
  labels

kerem commented 2026-02-26 10:35:35 +03:00

Author

Owner

Copy link

@AlexLaroche commented on GitHub (May 8, 2015):

@Pro : If canonicalization simple is active, we calculate the dkim signature on the original email. If canonicalization relaxed is active, we normalize a copy of the email to calculate the email. We aren't supposed to change the original email. The only thing the signer is suppose to do is to add the calculated DKIM signature.

<!-- gh-comment-id:100357621 --> @AlexLaroche commented on GitHub (May 8, 2015): @Pro : If canonicalization simple is active, we calculate the dkim signature on the original email. If canonicalization relaxed is active, we normalize a copy of the email to calculate the email. We aren't supposed to change the original email. The only thing the signer is suppose to do is to add the calculated DKIM signature.

kerem commented 2026-02-26 10:35:35 +03:00

Author

Owner

Copy link

@Pro commented on GitHub (May 8, 2015):

Oh right, I mixed simple and relaxed up.
But I wasn't sure if if S/MIME also includes headers into the signature. Looked that up now and also the tests from Bug #86 confirm that we should be fine.

<!-- gh-comment-id:100380960 --> @Pro commented on GitHub (May 8, 2015): Oh right, I mixed simple and relaxed up. But I wasn't sure if if S/MIME also includes headers into the signature. Looked that up now and also the tests from Bug #86 confirm that we should be fine.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/nuget/Src/Configuration.DkimSigner/MimeKit-4.7.1

Ed25519-SHA256

feature/dkim-verify

coverity_scan

v3.4.1.2

v3.4.2

v3.4.1.1

v3.4.1

v3.4.0

v3.3.4

v3.3.3

v3.3.2

v3.3.1

v3.2.9

v3.2.8

v3.2.7

3.2.6

v3.2.5

v3.2.4

v3.2.4-alpha

v3.2.3.1

v3.2.3

v3.2.2

v3.2.0

v3.1.0

v3.0.13

v3.0.12

v3.0.11

v3.0.10

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v3.0.0-beta.2

v3.0.0-beta

v2.1.8

v2.1.7

v2.1.6

v2.1.5

v2.1.5-beta.2

v2.1.5-beta

v2.1.4

v2.1.3

v.2.1.2

v2.1.1

v2.1.0

v2.0.3

v2.0.2

v2.0.1

v2.0.0-beta.4

v2.0.0-rc.1

v2.0.0-beta.3

v2.0.0-beta.2

v2.0.0-beta

v2.0.0-alpha.1

v2.0.0-alpha

v1.8.3

1.8.2

v1.8.1

v1.8.0

v1.7.0

v1.6.0

v1.5.2

Labels

Clear labels   

agent

  

agent

  

bug

  

bug

  

enhancement

  

gui

  

invalid

  

need-info

  

question

  

wontfix

No labels

agent

agent

bug

bug

enhancement

gui

invalid

need-info

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/dkim-exchange-Pro#68

No description provided.