Dave Crocker wrote: > We have agreed to the addition of an enhancement that provides a good > alternative to the existing set of two algorithms. > > That is quite different from tossing out over-the-wire backward > compatibility. > > I have not seen the group agree that a sender of an (ESTG) DKIMv1 > signature will fail with an (IETF) DKIMv2 validator. Dave, 'nowsp' canonicalization does not exist in "DKIMv2" (-base-01). It was eliminated, rather than deprecated, because it created a vulnerability. While some -base-01 verifiers may implement legacy nowsp support, a fully compliant -base-01 verifier may not work with a -base-00 signature that uses nowsp canonicalization. -Jim _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf