On Tue, 14 Mar 2006, Dave Crocker wrote:
Taking my own advice:
Mailing list software takes delivery of a message and posts a new message.
The new message might look almost exactly like the old one or it might look
massively different.
Massively different is overstatement of how mail lists work. For almost
all mail lists the message would have the same message text body with
potentially small additional mail-list footer and potentially change in
a subject and several new mail-list identification header fields and
what is important is that it will retain the same author info (from
field) and same message-id so it would not really be a new message.
1. Anyone who has concerns should express them to the list, succinctly and
concretely.
If a signature includes a useful hash of the message, it cannot survive
really extreme violence. Hence, a signature cannot reasonably survive
transit through a mailing list that makes major changes to the message.
DKIM cannot survive transit through some mailing lists and it is not
reasonable to make it try.
Your argument is not correct. It is well known how mail list behave and
it is not some extreme violence as you put it but well known system of
slight modification or none at all. This can be accounted for if you
really wanted to. Currently dkim can not account for all common cases
especially when mail list software is aware of email mime structure and
adds footer in appropriate mime-aware way.
2. Anyone who believes there are (or should be) no concerns should express
them to the list, succinctly and concretely.
I do so state that having signature survive mail list is a concern if you
want something that works with current email architecture and it should be
something that work group should try to account for if you want to have
a successful specification.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html