ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] SSP and mailing lists

2006-09-11 20:20:44

On Sep 11, 2006, at 7:13 PM, Hector Santos wrote:


----- Original Message -----
From: "Steve Atkins" <steve(_at_)blighty(_dot_)com>
To: "IETF DKIM WG" <ietf-dkim(_at_)mipassoc(_dot_)org>

I can see that now being added to our list server product during the
subscriber process so that the owner doe not get embroiled in damaging
signatures, thus helping the domain protect themselves.

I'm hearing what sounds like a lot of FUD. Could you expand on
the details of what you perceive as a "damaging signature"?

No FUD.

Just look at all the signed DKIM messages in this IETF-DKIM list. They are
damaged DKIM signed messages. 100% failures!

No FUD.

Now, if this list server was DKIM-Ready, as suggested in the DSAP proposal, it can take pre-emptive steps to deny restrictive domains from subscribing
to the list or atleast send a warning to the subscribing email address
saying any Signed Mail will be damage due to the MLS behavior to alter the
integrity of the message.

Ah, I misunderstood. Your concern is that some mail transports,
including mailing lists, will invalidate a messages signature,
causing it to be unsigned.

That's certainly true, though I see it more as an example of
the futility of expecting DKIM, and anything based on it,
to be able to decide between "this is authorized mail" and
"this is unauthorized mail" rather than between "this is
authorized mail" and "I don't know whether this is
authorized or not".

Cheers,
  Steve


_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html