ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Charter bashing...

2005-10-12 02:07:14
Well, sorry, I've responded before seeing that Phil made a superset of my arguments, so it is enough to read his message and (if you care) note that I second it. Amir

Hallam-Baker, Phillip wrote:
I have a DKIM-SL client that is designed to add an end user signature.
This signature serves a completely different use case to the signature
that is automatically added at the outgoing edge gateway.

As previously argued stripping out email signatures is a very bad idea.
A DKIM email might very well have upwards of 3 signatures, all of which
validate and all of which provide useful information to the receiving
infrastructure.

For example an end user signature tells me that the message was
definitely from Bill Gates but I still want the Microsoft edge server
signature to tell me it went through the Microsoft email infrastructure,
was scanned for virus there etc. I also want to see the signature added
at the IETF mailing list exploder because the original email specifies
the mailing list as the recipient but the mailing list then forwarded
it.

These are all useful and important pieces of information. If you have a
spam filtering infrastructure you are already handling a huge amount of
AI-complete complexity. Additional information is not a burden, lost
information is a very serious hinderance.

At any rate this is not an argument that should be settled by a charter
exclusion.




-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Arvel Hathcock
Sent: Tuesday, October 11, 2005 10:32 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Charter bashing...


 ? supporting multiple signatures on single messages

Humm... not sure about this one. If verifiers only supported a single signature it would be wise for signers to strip out any existing signatures before re-signing. That would cause the loss of "potentially" useful data wouldn't it? But, come to think of it, old signatures don't verify (otherwise, why resign the message at all) and what is the practical use of a non-verifiable signature. You can't make any definitive decisions based on broken signatures can you?

--
Arvel



_______________________________________________
ietf-dkim mailing list
http://dkim.org




_______________________________________________
ietf-dkim mailing list
http://dkim.org

.


--
Best regards,

Amir Herzberg

Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI: http://AmirHerzberg.com/TrustBar Visit my Hall Of Shame of Unprotected Login pages: http://AmirHerzberg.com/shame
_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>