[Dovecot] SIS Implementation
Timo Sirainen
tss at iki.fi
Sat Aug 15 05:03:57 EEST 2009
On Aug 14, 2009, at 8:39 PM, WJCarpenter wrote:
> These days, standardized digitial signature schemes take into
> account legal transformations that can happen during message
> transmission. Most of them have a canonicalization formula so that
> things still work. However, in early days, various schemes didn't
> take that into account. Luckily, MTAs typically didn't rearrange
> anything even if they were legally allowed to.
Are you sure that really works with e.g. PGP signatures? A quick look
at RFC 3156 seems to say that the data inside multipart/signed really
shouldn't be touched in any way.
More information about the dovecot
mailing list