On Jan 18, 2006, at 2:17 PM, Mark Delany wrote:
On Wed, Jan 18, 2006 at 09:24:20PM -0000, John Levine allegedly wrote:
This is a rather contentious point.
One model which we might call the "thin" model considers mailing
lists
The other "thick" model considers the mailing list to be the
Depending on your view of what a list is and the way your list
software works, you could try and implement either of these.
Given the religion, I wonder whether both are entirely reasonable
and leave the choice to the particular list implementor.
When DKIM signatures are used in conjunction with acceptance
assessments, how are compromised systems within the AdmD or message
replay abuse handled?
Large domains and list-servers may become a major component of a
message replay abuse problem. Access to a valid signature should be
made increasing difficult to suppress the emergence of a replay abuse
problem. When the administrator is informed there is a problem,
there should be an ability to squelch the problem quickly. To be
effective, this may require questionable messages receive special
dispensation. The "thick" model, as John describes it, appears the
most amenable for offering a solution. A general strategy for
dealing with the replay abuse problem may be to adopt an overlay MDA
signature with the obfuscation of the MSA/MUA and mediator
signatures. A single character offering "binding advice & signing
role" added to the signature can simplify several aspects of this
situation. Indicating the role of the signer also allows a strategy
to ensure only a reasonable number of signatures are retained.
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org