Jim Fenton wrote:
Michael Thomas wrote:
I'll have to look at it. Maybe we should all try to eat our own
dogfood and use DKIM as much as possible on this list.
Well, DKIM doesn't make it through this list unless you use l=
and z=. :)
Alternatively, maybe we could talk our list host into signing messages
on this mailing list?
It shouldn't be an either-or choice. The author should be able to sign
the message indicating that he wrote the content (so that a recipient
can verify that yes, it really was written by who it says), and the list
should be able to sign the message to indicate that the message was
forwarded via the list (so that a recipient can verify that yes, the
message really did come from the list).
Keith
p.s. The either-or discussion reminds me of the debate about whether
lists should add a reply-to field. The author might have one idea about
where replies should go, and the list have a different idea. But
ultimately it's not either the original author's job or the list's job
to decide where replies should go...that's the job of the recipient who
is composing the reply. A similar argument applies to message signing.
Depending on his particular purpose, a recipient might want to verify
the author's signature or the list's signature or both. Neither the
DKIM standard nor the list should presume that the recipient doesn't
want to verify the original author's signature.
_______________________________________________
ietf-dkim mailing list
http://dkim.org