l= provides a benefit when the SIGNERS sign, and mailing lists DON'T
DISTURB. This does happen, although we can debate how often. The key
point is that if the mailing lists employ an anti-spam check and resign,
there is probably no need for l=. This to me means that l= should be
viewed as a Time To Market function to have more valid signatures out
there, and is best obviated by deployment of DKIM in mailing list
software. That's happened in some place, but not enough.
I stand by my point that it is perfectly feasible to mitigate any risks
that l= introduces. But. Those risks DO have to be mitigated.
So here's where I come down: nuke l=, but get the mailing list software
people to sign. The big one I would want to tackle is MailMan.
Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html