dkim-ops
[Top] [All Lists]

Re: [dkim-ops] subdomain vs. cousin domain (when deploying"discardable")

2010-09-10 11:52:06
On Fri, Sep 10, 2010 at 6:50 AM, McDowell, Brett
<bmcdowell(_at_)paypal-inc(_dot_)com> wrote:
Ugh!  We simply have to fix the root cause of MLM's breaking DKIM 
signatures.
Disagree.  This would then mean MLM messages become visually similar to
messages from individuals.
I didn't mean to suggest MLM's should stop doing the things they do that 
breaks DKIM signatures.  I'm actually a fan of the A-R header (or perhaps a 
new one) approach -- used in a clear (profiled?) way -- so MLM's can assert 
to receivers that they verified the senders signature before processing and 
re-signing it.

As an end receiver though, I certainly wouldn't trust an A-R header
that someone else put in during transit saying that it verified from
$BIG_COMPANY.  That can too easily be forged.  Now if that A-R header
was part of your DKIM sig or the header had a brief sig field that
could be tied back to your DKIM sig, it would become eligible to be
regarded as trustworthy (but not necessarily guaranteed to be so).
Honestly to me that kind of sounds ridiculous, how many levels of
signature would be useful/required?

-- 
Regards...      Todd
I seek the truth...it is only persistence in self-delusion and
ignorance that does harm.  -- Marcus Aurealius

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops

<Prev in Thread] Current Thread [Next in Thread>