One of the reasons l= came to be was that we wanted to have as many valid
signatures out there as quickly as possible, so as to provide a reasonable
alternative basis for reputation. There was the presumption that the mailing
list software would lag, and it has. Now we know that one MAJOR piece of
mailing list software can be made to behave, and we know how to accommodate
it if it doesn't. But in order to preserve the signature, everyone would
essentially have to start using l=.
I still don't get it. For one thing, the real MAJOR list software on the
net is Yahoo Groups and Google Groups, each of which I would expect
handles more discussion list mail than everything else combined, and
neither of which will ever preserve a signature.
But more to the point, if the goal is to maximize the amount of signed
mail, the obvious change to make to list software is to make it sign its
outgoing mail. That makes 100% of the mail from its lists signed. Why
would you waste time with complicated kludges that under the most
optimistic assumptions would only get a small fraction of the mail signed?
By the way, both Yahoo Groups and Google Groups put on a nice fresh DKIM
signature of their own, so 100% of their mail is signed today. Yahoo
strips off incoming signatures, Google doesn't. Google adds an
Authentication-Results: header so if you care and you trust them you can
see whether they thought the incoming signature was good.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html