If I'm running a mailing list and I get a piece of signed mail, I'm
certainly not removing its signature. The signer's reputation should
suffer if people complain, or benefit in the absence of a complaint.
Well, gee, in that case since I don't control or even know the way you
manage your lists, I don't dare sign anything I send you. If you (the
generic you, not Murray) start to do a lousy job of managing your
lists, why is that your subscribers' problem?
Even without thinking of the FBL issues, I would want a reputation
systems to be fully informed about a candidate system rather than
only partially informed.
Me too. Mail from the list is the responsibility of the list. QED and
all that.
I spoke to a couple of people about this in Anaheim: A way of using
DKIM and Auth-Results to establish a definite chain of custody of a
message would be highly useful.
Hmmn. Was this in the context of mailing lists, or in general? When
I've asked for examples of how this would be useful for list
subscribers, all I've heard is an implausible example of a list that
is so poorly managed that it's full of spam, and the list owner isn't
willing to do anything about it, but for some reason people want to
subscribe to it anyway.
I could see how a chain of custody would be useful for something like
a courtesy forward that downcoded MIME from 8bit to base64, or one
that added a tag or advertisement to mail as it went through.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html