ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New issue: DKIM and mailiing lists

2006-03-14 21:21:13
2.  Anyone who believes there are (or should be) no concerns should
express them to the list, succinctly and concretely.

I don't see any concerns about mailing lists.  All I see is a lack of
clarity about the meaning of third party signatures.  Some list mail
will have only the original sender's signature, some will have only
the list host's signature (either because the original message was
unsigned or the list software mutated the message), some will have
both signatures.

Outgoing mail on my system originates from about 100 different
domains, because I host mail for a bunch of small local businesses,
and I also have a bunch of majordomo2 mailing lists.  My intention is
to sign all the outgoing mail, on the theory that if it's coming out
of my system, I'm responsible for it.  Some of my users (the nerds at
Cornell) may sign mail before submitting it here so it'll have both
the originator's signature and mine, the rest of the users' mail will
just have just mine.

From a recipient's point of view, the meaning of my third party
signature on my users' mail is the same as the meaning of my third
party signarture on my list mail.  As far as DKIM is concerned, a list
is just another forwarder.  If we get the meaning of third party
signatures in general correct (which I don't think is hard), we've
dealt with list mail.

R's,
John

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html