Well, sorry, I've responded before seeing that Phil made a superset of
my arguments, so it is enough to read his message and (if you care) note
that I second it.
Amir
Hallam-Baker, Phillip wrote:
I have a DKIM-SL client that is designed to add an end user signature.
This signature serves a completely different use case to the signature
that is automatically added at the outgoing edge gateway.
As previously argued, stripping out email signatures is a very bad idea.
A DKIM email might very well have upwards of 3 signatures, all of which
validate and all of which provide useful information to the receiving
infrastructure.
For example, an end user signature tells me that the message was
definitely from Bill Gates but I still want the Microsoft edge server
signature to tell me it went through the Microsoft email infrastructure,
was scanned for viruses there, etc. I also want to see the signature added
at the IETF mailing list exploder because the original email specifies
the mailing list as the recipient but the mailing list then forwarded
it.
These are all useful and important pieces of information. If you have a
spam filtering infrastructure you are already handling a huge amount of
AI-complete complexity. Additional information is not a burden; lost
information is a very serious hindrance.
At any rate this is not an argument that should be settled by a charter
exclusion.
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Arvel Hathcock
Sent: Tuesday, October 11, 2005 10:32 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Charter bashing...
* supporting multiple signatures on single messages
Humm... not sure about this one. If verifiers only supported
a single signature it would be wise for signers to strip out
any existing signatures before re-signing. That would cause
the loss of "potentially" useful data wouldn't it? But, come
to think of it, old signatures don't verify (otherwise, why
re-sign the message at all) and what is the practical use of a
non-verifiable signature? You can't make any definitive
decisions based on broken signatures, can you?
--
Arvel
_______________________________________________
ietf-dkim mailing list
http://dkim.org
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
Visit my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame