Right. The idea, as I put it once, was that "If you break it, you
bought it." Put less colloquially, if a mailing list that knows it's
going to mangle the message receives a DKIM-signed message, it should
this was/is a particularly important view, since it relieves the signing
effort of quite a bit of responsibility that would otherwise require an
impossible effort to withstand arbitrary modification.
a derivative bit that emerged from this was the counter-intuitive
possibility that a mailing list capable of doing dkim signing could
choose not to, for a message that is already signed. that is, it could
knowingly preserve the existing signature.
d/
_______________________________________________
ietf-dkim mailing list
http://dkim.org