On Wed, 2004-12-01 at 14:13, domainkeys-feedbackbase01(_at_)yahoo(_dot_)com
Now, my guess is that right now we need signatures that can survive
alterations but once enough mail list servers and other intermediate
systems signing, we may well begin to slowly change to more secure
The first problem with this strategy is that it punished early
I like the idea William suggested of giving the original Sender the
opportunity to decide whether they want the signature to survive changes
like the ones made by mailing lists. This is especially important if the
signature indicates authorization.
But that's not what William is saying. The suggestion is not that some senders
will pick a loose policy while other senders pick the strict policy on day
Nor that senders might change from one policy to the other for their own
Rather, the suggestion is, I believe, that the Internet as a whole mostly
starts with a loose policy and slowly transitions to a strict policy as
intermediaries become signature aware.
Your interest in the sender expressing a maximum level of munging is an
interesting notion, but it's unrelated to the issue of whether an
Internet-wide, time-based, incentive-free, transition plan is realistic.
With respect to the message-state header suggestion, perhaps view this
as just a diagnostic tool. In my view, to be effective, it would not
need to make copies, rather simply store the hash and length of things
to permit an isolation of what changed. Let the market decide whether
they see value in the use of this header. When signatures become
prevalent, there should be ever diminishing value in such a tool. I see
this as an approach to prevent there being a battle regarding how robust
the signature should be to minor changes. An analysis program could
make good use of this information during the initial deployment stages
and provide valuable feedback when things break.