OT: DKIM signatures on email messages from lists.gnupg.org

Alessandro Vesely vesely at tana.it
Tue Jun 13 11:54:19 CEST 2023

On Tue 13/Jun/2023 11:40:39 +0200 Werner Koch via Gnupg-users wrote:
> BTW, the whole DKIM thing does not protect the body of a mail because 
> for example the Content-type is not commonly included in the hash and 
> thus you can change the boundary in this header and then tweak the body.

That hack only works when a signature contains the l= tag, which limits the 
part of the body covered by the signature to the given length.  That tag was 
indeed designed so that mailing lists could append a footer to plain text 
messages.  It should never be set.


More information about the Gnupg-users mailing list