OT: DKIM signatures on email messages from lists.gnupg.org
Alessandro Vesely
vesely at tana.it
Tue Jun 13 11:54:19 CEST 2023
On Tue 13/Jun/2023 11:40:39 +0200 Werner Koch via Gnupg-users wrote:
> BTW, the whole DKIM thing does not protect the body of a mail because
> for example the Content-type is not commonly included in the hash and
> thus you can change the boundary in this header and then tweak the body.
That hack only works when a signature contains the l= tag, which limits the
part of the body covered by the signature to the given length. That tag was
indeed designed so that mailing lists could append a footer to plain text
messages. It should never be set.
Best
Ale
--
More information about the Gnupg-users
mailing list