Does not ignore unknown service types
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dkimpy |
Fix Released
|
High
|
Scott Kitterman |
Bug Description
From RFC 6376:
s= Service Type (plain-text; OPTIONAL; default is "*"). A colon-
separated list of service types to which this record applies.
Verifiers for a given service type MUST ignore this record if the
appropriate type is not listed. Unrecognized service types MUST
be ignored. Currently defined service types are as follows:
* matches all service types
email electronic mail (not necessarily limited to SMTP)
This tag is intended to constrain the use of keys for other
purposes, should use of DKIM be defined by other services in the
future.
dkimpy doesn't ignore unknown service types. Now that RFC 8460 has defined a new service type, we really ought to do this.
Changed in dkimpy: | |
milestone: | future → 0.9.5 |
Changed in dkimpy: | |
status: | Fix Committed → Fix Released |
2019-10-07 Version 0.9.5
- Ignore unknown service types in key records (LP: #1847020)
- This is required by RFC 6376 and predecessors. It becomes important
now that RFC 8460, which defines a new DKIM service type exists. This
change is required to avoid processing tlsrpt keys like regular email
keys, which is incorrect, they have different requirements.