Paul Hoffman wrote:
It is far safer to assume that any of the signed headers might be
broken, and to encourage systems (such as mailing lists) that are
known to break DKIM signatures to sign after they break them.
And then what?
Everybody wants to hand-wave this issue away with the majikal "list
signature",
but the reality is that they are not obviously useable to somebody who has
actually written lots of code in this area.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html