Re: [ietf-dkim] versions, Where is the formal definition of DKIM-Signature?

Alessandro Vesely <> Sat, 10 February 2018 09:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B50A9128C0A for <>; Sat, 10 Feb 2018 01:40:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.789
X-Spam-Status: No, score=-1.789 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)"
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mh-vaGTweome for <>; Sat, 10 Feb 2018 01:40:44 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 479F81200E5 for <>; Sat, 10 Feb 2018 01:40:44 -0800 (PST)
Received: from ( []) by (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id w1A9dVio012959; Sat, 10 Feb 2018 01:39:32 -0800
Authentication-Results:; dkim=fail reason="verification failed; unprotected key" header.b=AuPQx/YA; dkim-adsp=unknown (unprotected policy); dkim-atps=neutral
Received: from ( []) by (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id w1A9dRuF012955 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <>; Sat, 10 Feb 2018 01:39:29 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=beta; t=1518255508; bh=kKHydpFA1rcBKjDXHibOSWAKsxNiXi5veXedAcJM0hM=; l=632; h=To:References:From:Date:In-Reply-To; b=AuPQx/YAYRc9zLsSvTc7RaSU16Va5OzmIrSpJbJ7V4K3g3Eq0ZeSVLls1HBoriddf 1ky/foqYuIeUqRGHmV0+vHG0/h2tuaffSiawrewbCArF/W8oNiSR2ErUvPcpq82p6R KX5op+/ScEYjGtMf3evpkPB3f5GlKJ91P5Zu6gp0=
Authentication-Results:; auth=pass (details omitted)
Received: from [] ([]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k) by with ESMTPA; Sat, 10 Feb 2018 10:38:28 +0100 id 00000000005DC0C4.000000005A7EBD94.00004B50
References: <alpine.OSX.2.21.1802091731220.56915@ary.qy>
From: Alessandro Vesely <>
Openpgp: id=0A5B4BB141A53F7F55FC8CBCB6ACF44490D17C00
Message-ID: <>
Date: Sat, 10 Feb 2018 10:38:28 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <alpine.OSX.2.21.1802091731220.56915@ary.qy>
Content-Language: en-US
Subject: Re: [ietf-dkim] versions, Where is the formal definition of DKIM-Signature?
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: IETF DKIM Discussion List <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: "ietf-dkim" <>

On Fri 09/Feb/2018 23:31:41 +0100 John R. Levine wrote:
> The DKIM v=2 hack I proposed is a lot like SMTP extensions in that if
> your signature doesn't need the new semantics, don't ask for them, so
> you should sign with v=1, so the old and new will coexist forever.
> Since they can easily be handled by the same signing and verifying
> libraries, that's not a problem.

Assuming that that hack would have been way more befitting than any other idea
discussed on dmarc-ietf ever since, one may wonder how much of its fading away
was due to its version bumping instead of, say, introducing a new header field.


NOTE WELL: This list operates according to