I think that the realistic goal here is that it should be possible for a
list to be configured to allow a message to survive.
If that's a very important goal, one could certainly set up list software
to send messages through as single message digests, with the enclosed
message untouched. But I can't say I know many lists where I would want
that, and if security of messages were that big a deal, I think I would
want to use S/MIME to identify the individual sender and not just the
first MTA a message passed through.
It would also be useful to give some guidelines to mailing lists that
are going to mangle messages of ways in which they can do this without
causing grief.
We could, but I would be surprised if any authors of list software were
interested. At the moment there are approximately a bazillion lists and
list management packages, and approximately no DKIM, so I wouldn't hold my
breath waiting for them to adapt, particularly since forged messages
leaking into lists isn't a significant problem for any list I know.
As I keep saying, if a signature happens to survive a trip through a list
manager, that's nice, but it's hopeless to try to invent a signature that
will survive most or even many list systems, and I don't want the group to
waste time trying to invent some hack to do it.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
ietf-dkim mailing list
http://dkim.org