rfc 6376 compliance

[timcoote]

Thanks for this, one of the best explanations of the details of dkim that I've found - and useful as there are some odd dkim signature fails.

One thing that I'm not clear on. Line 219 of README.md, in a section on relaxed header canonicalization:
- remove duplicate entrys (like the to:to:), and the supporting code in hash_headers:
header_to_hash_list.remove(header) # strip duplicate header like the from

seem to me to be in contradiction with the rfc, which says in section 3.5, in the section discussing the h= tag in the DKIM-Signature header field:
"The field MAY contain multiple instances of a header
field name, meaning multiple occurrences of the corresponding
header field are included in the header hash. "

And if the duplication is allowed, the signature does fail.

Is this a bug in the example (+ the system that signed the example email), or have I got something wrong?