ietf-dkim

Re: Attempted summary (was: Re: [ietf-dkim] DKIM and mailing lists)

2006-01-23 22:56:08
Signing the From: header is currently required, but suppose it weren't: 

Then bad guys can take list messages and resend them with forged
return addresses and still have a valid signature.  Does anyone think
this is a good idea?

I think the way we all expect to use DKIM is that a message comes in,
we check the signature, then we look up the signing domain in some
sort of reputation system, be it a local whitelist or something
fancier, then if the reputation is good we accept the mail, if it's
bad we reject it, and if there's no reputation, we fall back and do
what we would have done otherwise.

With this model, I have a lot of trouble envisioning a scenario where
I would want list mail signed by anything other than the list.  If
there is old list software that doesn't sign and it happens to pass
signed messages, fine, but if the list software is DKIM aware at all,
I want it to sign so I can recognize list mail.

R's,
John

_______________________________________________
ietf-dkim mailing list
http://dkim.org
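The accept / reject / fall-back model described in the post, written out as an added example (not code from the post, the list, or any DKIM implementation). The cryptographic check of the signature is assumed to have been done elsewhere and is passed in as a boolean; the reputation table and DKIM-Signature headers are constructed, and a signature whose h= tag does not cover From: is treated the same as no usable signature, which is the assumption behind the first paragraph.

```python
import re

# Constructed local reputation table keyed by the signing domain (d= tag).
REPUTATION = {
    "lists.example.org": "good",  # a DKIM-aware list whose re-signing we trust
    "spam.example.net": "bad",
}


def parse_dkim_signature(header_value):
    """Parse the tag=value list of a DKIM-Signature header into a dict.
    Folding whitespace inside values is dropped; the first '=' splits tag
    from value so base64 padding in b= and bh= is preserved."""
    tags = {}
    for part in header_value.split(";"):
        if "=" not in part:
            continue
        name, value = part.split("=", 1)
        tags[name.strip().lower()] = re.sub(r"\s+", "", value)
    return tags


def signature_covers_from(tags):
    """True if the h= tag (the list of signed headers) names From:."""
    signed = [h.lower() for h in tags.get("h", "").split(":") if h]
    return "from" in signed


def policy_decision(crypto_ok, dkim_header, reputation=REPUTATION):
    """Return 'accept', 'reject' or 'fallback' for one message.

    crypto_ok: result of the cryptographic verification (assumed done elsewhere).
    A failed signature, or one that leaves From: unsigned, says nothing
    reliable about who sent the message, so we fall back to whatever we
    would have done without DKIM."""
    tags = parse_dkim_signature(dkim_header)
    if not crypto_ok or not signature_covers_from(tags):
        return "fallback"
    # Reputation is looked up on the signing domain, not on the From: domain,
    # which is why a list that re-signs is recognised as list mail.
    rep = reputation.get(tags.get("d", "").lower())
    if rep == "good":
        return "accept"
    if rep == "bad":
        return "reject"
    return "fallback"
```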