This file summarizes what's changed between releases of Mail-DKIM.
See the ChangeLog file for the details.

Version 0.34

 since 0.33_7

  * bugfix:
    * Signer object would die if first line of input wasn't a header
      (rt.cpan.org issue #46179)

 since 0.33_6

  * renamed Mail::DKIM::Policy to Mail::DKIM::DkPolicy. Programs using
    the former name to create policy objects directly (though it would
    be more expected to fetch the objects through Mail::DKIM::Verifier)
    should update their code
  * new API for fetching sender/author signing policies,
    see Verifier::fetch_policies()
  * initial support for ADSP (author-domain-signing-practices)
  * better detection of DNS resolver errors

 since 0.33_5

  * fixed a bug in one of the test scripts, caused by the changes in
    0.33_5

 since 0.33
 
  * removed support for pre-standardized DKIM signatures (i.e. these
    are DKIM signatures without a v= or bh= tag).


Version 0.33 - released 2009-03-10

  * bugfixes:
    * signature wrapping would sometimes cause improper preparation of
      DKIM signatures, with "simple" canonicalization (issue #2257046)
  * test scripts:
    * the included corpus is now verified using a fake-DNS resolver,
      which means the test corpus can validate even when your DNS
      servers are really slow


Version 0.32 - released 2008-06-03

  * removed requirement for Digest::SHA1 (issue #1832549).
    We now use the more capable Digest::SHA module for SHA-1 and SHA-256.
  * bugfixes:
    * granularity checking should be case-sensitive (issue #1938112).
    * identity tag now uses quoted-printable encoding (issue #1839015).
  * API improvement:
    * implemented identity_source() for DkSignature objects 


Version 0.31 - released 2008-04-14

  * some error detail messages were changed (see ChangeLog, 2008-01-10 entry)
  * by default, and when possible, DKIM signatures now omit c= and q= tags
    (they are optional tags) (issue #1878518)
  * DKIM and DomainKey signatures are now wrapped so that line breaks
    occur before colon (':') separators instead of after; this avoids
	confusing some broken MUAs (issue #1868648)
  * bugfixes:
    * "undef value" error when DKIM signature appears at end of header
      (issue #1878954)
    * use proper regexp for splitting email address (issue #1878994)
  * API improvements:
    * can specify a domain for fetch_author_policy() (issue #1879197)
    * can access a signature's public-key object (issue #1879215)
    * can specify an OpenSSL-private-key object for PrivateKey->new()
      (issue #1879209)


Version 0.30.1 - released 2008-01-24

 * bugfix:
   * email from cisco.com was failing to verify (issue #1878523)


Version 0.30 - released 2008-01-10

 * includes speed-up optimizations by Mark Martinec
 * DomainKeys, implement proper identity matching...
   a DomainKey-Signature's domain should match the From/Sender address
 * several more test cases
 * API improvements:
   * accept additional arguments when creating Signer/Signature
 * bugfixes:
   * DomainKey-Signature headers were not "prettified"
   * granularity ending with '*' was not checked correctly
   * DomainKey-Signature granularity was checked against the wrong value


Version 0.29 - released 2007-11-08

 * verifiers can now access all parsed signatures and their results,
   not just signatures that were fully tested
 * signer policies can now specify what private key file to use
 * some other minor API improvements
 * bugfixes:
   * for DomainKeys signatures, fixed a compatibility issue handling
     the h= tag
   * for DKIM, signature expirations had been ignored
   * for DKIM, signature identities did not have to match the domain
   * for DKIM, public key granularity field had been ignored


Version 0.28 - released 2007-07-31

 * fixed a bug with line-wrapping a signature at the wrong place


Version 0.27 - released 2007-07-25

 * Sender signing policies are now better implemented
 * Both Yahoo! DomainKeys signing policies and the under-development
   IETF DKIM signing policies are supported
    * Yahoo! DomainKeys policies can protect the Sender: header
    * DKIM signing policies can protect the From: header
   Look at Mail::DKIM::Verifier's fetch_author_policy() and
   fetch_sender_policy() methods for hints.

   
Version 0.26 - released 2007-05-24

 * recognize and generate v=1 signatures (DKIM is now RFC 4871)


Version 0.25 - released 2007-05-10

 * we now only sign headers that IETF recommends for signing
 * it's now possible to "prettify" outgoing signatures, but this feature
   is not enabled by default. To enable, do a "use Mail::DKIM::TextWrap"
   in your program that signs messages. (This may change in a future
   release.)


Version 0.24 - released 2007-03-13

 * fixes two bugs, see ChangeLog for details
 * fixed a bug with public keys (in DNS) containing linebreak characters
 * fixed a bug with DKIM signatures not including the optional q= tag


Version 0.23 - released 2007-02-22

 * fixes some issues with verifying DomainKeys signatures
 * generate newer-style DKIM signatures (with v=0.5 tag)
 * fixed some bugs related to handling messages with no body
 * improved diagnostic messages for certain cases


Version 0.22 - released 2007-01-19

 * fixes a couple very minor bugs
 * some cosmetic changes to error messages


Version 0.21 - released 2006-11-29

 * fixes two bugs, see ChangeLog for details


Version 0.20 - released 2006-10-24

 * now supports verifying multiple signatures (the result returned is based
   on the "best" available signature)
 * now supports adding multiple signatures in one pass (to use this, you
   need to create a "signer policy"; see scripts/dkimsign.pl for an example)
 * now supports signing/verifying signatures for the older DomainKeys standard
 * now implements Internet Draft draft-ietf-dkim-base-05, including:
   * support for the version (v=) tag
 * eliminated "control character detected in message" error message


Version 0.19 - released 2006-06-15

 * now supports earlier versions of Perl (5.6.1 and up).


Version 0.18 - released 2006-06-09

 * no longer depends on Crypt::RSA or Crypt::OpenSSL::Bignum.


Version 0.17 - released 2006-05-26

 * now implements Internet Draft draft-ietf-dkim-base-01, including:
   * support for the body hash (bh=) tag
   * support for SHA256 digests (uses the Digest::SHA module from CPAN)
 * if a message fails to verify, it now distinguishes between:
   * headers having been altered
   * body having been altered
   * RSA key failure (i.e. the signing key does not match the public key)
 * added several sample messages to test against when doing `make test'.


Version 0.16 - released 2006-03-03

 * first version for CPAN; implements draft-allman-dkim-base-01.
