ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Attempted summary (was: Re: [ietf-dkim] DKIM and mailing lists)

2006-01-23 13:16:55
from [Mark Delany] [Permanent Link] 
On Mon, Jan 23, 2006 at 02:30:55PM -0500, Wietse Venema allegedly wrote:


When the list server's DKIM signature covers a FROM: header with
an address in some unrelated domain, would not this be considered
a third-party signature?


It could be. It's certainly something concrete that a verifier can act
on. We merely need to describe the desired actions.


This would be avoided by having the list sign only the headers that
identify the list.


That presents the same sort of risks that -l does. I would must prefer
the list sign the whole content and the spec define the verifier
semantics when a 3rd party signature is seen with, eg, a List-ID
covered by the second signature.

If well defined, those semantics should be able to achieve the
functional affect of your suggestion without the risk of sending
unsigned material.


Mark.

_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] How mailing lists mutate messages, John Levine
Next by Date:  Re: [ietf-dkim] Re: DKIM and mailing lists, Miles libbey
Previous by Thread:  Re: Attempted summary (was: Re: [ietf-dkim] DKIM and mailing lists), Wietse Venema
Next by Thread:  Re: Attempted summary (was: Re: [ietf-dkim] DKIM and mailing lists), Jim Fenton
Indexes:  [Date] [Thread] [Top] [All Lists]