Mark Delany:
I am concerned that the FROM: address is becoming a conceptual
bottle neck, and would like to see a solution that allows mailing
lists and other forwarders to sign mail ("as I forwarded this")
without implied claims about the authenticity of the FROM: address.
That is, the possibility of a mailing list etc. DKIM signature that
just authenticates the list or forwarder.
That's how I was viewing a List signature. It was making no claims
about the original submission apart from "these are the bits as they
arrived at the List address". If some final list recipient sees value
in the original bits, good luck to them.
If the original submission has a DKIM signature then of course that
is great. If it doesn't, then we don't know that the mail came from
that address, period. But if it has a valid list/forwarder signature,
that can still be used to enable reputation based systems.
Right.
Great. Will this also work with other (i.e. non-list) forms of
forwarding? I can see other valid reasons why a system would stamp
mail as "I handled this". In fact, any service that handles mail
in some form or another could benefit if it could provide the
assurance that it was really the provider of the service.
Wietse
_______________________________________________
ietf-dkim mailing list
http://dkim.org