On 8/10/10 9:54 PM, Murray S. Kucherawy wrote:
From: John Levine [mailto:johnl(_at_)iecc(_dot_)com]
Sent: Tuesday, August 10, 2010 3:49 PM
Cc: Murray S. Kucherawy
Subject: Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-
mailinglists-01 review request
On the other hand, providing per-contributor reputation clues to
subscribers (beyond what's on the From: line) is something that lists
have never done, so I think it's a poor idea to try to invent ways to
Does that make sense?
Sure. I got the impression this was something we should be saying based on
earlier conversation about whether the list should sign coupled with whether
the list should drop author signatures. Part of that chatter had to do with
combined reputation of the list and the author. If that's a real concern,
then on one hand a list/you can gain from the reputation of the other, but on
the other hand you can both suffer because of other traffic on the list.
This seemed to be a logical extension of that discussion.
If we feel that's too much of a leap, I can just remove that paragraph.
DKIM does not confirm the identity of individuals, only the
administrative domain of the signer. The recipient would need to trust
the Authentication-Results header, before any information would be
meaningful beyond what is known about the list itself, such as whether
it provides List-ID headers, confirms the email-address of subscribers,
removes deceptive A-R headers, etc.
NOTE WELL: This list operates according to