ietf

Re: dmarc damage, was gmail users read on... [bozo subtopic]

2014-09-15 16:07:22
In article <alpine(_dot_)LRH(_dot_)2(_dot_)01(_dot_)1409142034180(_dot_)30233(_at_)egate(_dot_)xpasc(_dot_)com> you write:

It seems to me that the wrapped original mail could be signed by the
forwarding list processor so that the DMARC recipient would accept the
forwarded mail as coming from the forwarder and the ultimate MUA would
be able to verify that the wrapped message was indeed wrapped by the
forwarding list processor and transparently unwrap the original
email.

Well, yes, but you don't need to wrap mail to re-sign it.  By design,
any host that relays a message can add a DKIM signature.  Well-run
mailing lists sign mail now.  Look at any IETF list mail for an
example.

The problem with wrapped mail is basically a UI problem, and the IETF
has a long history of knowing less than nothing about UI (as in, much
of what we think we know is wrong.)

Anything a list can do to wrap mail, a bad guy can do, too.  Work out
a few scenarios and you'll find that wrapping isn't very attractive as
a long term solution to anything.

R's,
John
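
An added illustration, not part of the original message: this Python example reads a constructed list message that carries both the author's and the list's DKIM-Signature headers and reports which signing domain (d=) lines up with the From domain, in the way DMARC relaxed alignment compares them. The domains, selectors and the two-label organizational-domain shortcut are assumptions, and no cryptographic verification is performed.

```python
import email
from email.utils import parseaddr

# Constructed sample: a list re-signs a relayed message without wrapping it.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lists.example; s=list1;
 h=from:to:subject:list-id; bh=CONSTRUCTED; b=CONSTRUCTED
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=author.example;
 s=sel2014; h=from:to:subject; bh=CONSTRUCTED; b=CONSTRUCTED
From: Alice <alice@author.example>
To: discuss@lists.example
Subject: Re: dmarc damage
List-Id: Discussion <discuss.lists.example>

body
"""

def parse_tags(value):
    """Parse a DKIM tag=value list (RFC 6376, section 3.2) into a dict."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            # Remove folding whitespace left over from header continuation lines.
            tags[name.strip()] = "".join(val.split())
    return tags

def org_domain(domain):
    # Assumption: the last two labels stand in for the organizational domain.
    # A real DMARC evaluator derives it from the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def signers(raw):
    """Return (from_domain, [(d, selector, aligned_with_from), ...])."""
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    found = []
    for header in msg.get_all("DKIM-Signature", []):
        tags = parse_tags(header)
        d = tags.get("d", "").lower()
        aligned = bool(d) and org_domain(d) == org_domain(from_domain)
        found.append((d, tags.get("s", ""), aligned))
    return from_domain, found

if __name__ == "__main__":
    from_domain, found = signers(SAMPLE)
    for d, selector, aligned in found:
        print(f"d={d} s={selector} aligned with From ({from_domain}): {aligned}")
```
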