arcverify requires c= and t= tags within AMS header

Bug #1710312 reported by Kurt Andersen on 2017-08-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Scott Kitterman

Bug Description

Per the spec, the c= and t= tags are optional.

Scott Kitterman (kitterman) wrote :

OK. This should be easy enough to fix. I think all it needs is:

=== modified file 'dkim/'
--- dkim/ 2017-07-28 05:32:25 +0000
+++ dkim/ 2017-08-12 03:55:38 +0000
@@ -1030,7 +1030,7 @@

     self.logger.debug("ams sig[%d]: %r" % (instance, sig))

- validate_signature_fields(sig, [b'i', b'a', b'b', b'c', b'bh', b'd', b'h', b's'], True)
+ validate_signature_fields(sig, [b'i', b'a', b'b', b'bh', b'd', b'h', b's'], True)
     output['ams-domain'] = sig[b'd']
     output['ams-selector'] = sig[b's']

I'll try and test this out soon.

Changed in dkimpy:
importance: Undecided → High
status: New → Triaged
assignee: nobody → Scott Kitterman (kitterman)
Kurt Andersen (kurta) wrote :

You can validate the fix by looking at Bron's sample message which was sent to the dmarc@ietf list with the sending "Date: Sat, 12 Aug 2017 09:54:06 +1000" and the txt attachment.

Kurt Andersen (kurta) wrote :

I also found that arcverify is requiring the 't' tag even though that is optional per the spec. A similar fix a few lines further in the file addresses that problem too.

summary: - arcverify requires c= tag within AMS header
+ arcverify requires c= and t= tags within AMS header
description: updated
Changed in dkimpy:
status: Triaged → Fix Committed
milestone: none → 0.7.0
Scott Kitterman (kitterman) wrote :

Fixed in 0.7.0.

Changed in dkimpy:
milestone: 0.7.0 → none
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers