So if I set a policy of "I sign all", and a mailing list mangles
it, what exactly is the mailing list receiving the bounce going to
do? Blackhole it? Bounce the user off the list? Anything useful
whatsoever?
That's a matter between the "I sign all" and the list. I would say
that if it hurts, don't do it.
No, the sensible user will accept all the mail from the list. With
luck the list will sign and the user will whitelist the list's sig,
or get an endorsement from his favorite reputation system. Or the
list won't sign and we'll recognize it the way we do now via List-ID
or other clues. If you already have an opinion about a message,
there's little reason to look at SSP.
The one case where "I sign all" might be useful is if a message shows
up with no signature and no other hints that it might be from a
reliable sender. Maybe.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html