On Mon, Jan 23, 2006 at 10:18:59PM -0500, Hector Santos allegedly wrote:
From: "Tony Hansen" <tony(_at_)att(_dot_)com>
I'm tempted to say: if the mailing list is going to do
*anything* to the message other than act as a simple
reflector, it *must* strip out any existing dkim signature.
What it does after that is up to the mailing list.
This would make sense for certain policies. If the processor is going to
Actually I'm not sure why a list has to do anything in this case. If a
failed signature is the same as no signature, then the very action of
a mutating list has the effect of "stripping out" any existing sig. So
why impose extra work on a list? And why not let the natural course of
existing lists serendipitously "do the right thing"?
Of the big benefit is instant compliance by a huge array of
pre-existing list s/w.
I also worry about the expectation of lists looking at policy - it's
going to be many many years before a signer can expect their policy to
be looked at by a significant majority of list s/w. In the intervening
years they will be able to advertise as restrictive policy as they
like and it will mostly be disappointed at the outcome.
Mark.
_______________________________________________
ietf-dkim mailing list
http://dkim.org