ietf-dkim

Re: [ietf-dkim] Wrong Discussion - was Why mailing lists should strip DKIM signatures

2010-04-30 05:16:41


--On 28 April 2010 11:02:53 -0400 "MH Michael Hammer (5304)" 
<MHammer(_at_)ag(_dot_)com> wrote:


A few thoughts to fuel the discussion:

1) It may be that the BCP document would appropriately have a section
for end users of mail lists. One possible recommendation is that for
domains which have strong security concerns, they may want to have a
policy against posting to lists using the domain in question. (I'm
throwing this out as a straw man).

Yep, I'd suggest sections for MLM site owners, MLM list managers (who may 
not have access to MTA configuration), list mail posters, and list mail 
recipients.


2) One possible recommendation to list managers is that if a message to
the list is DKIM signed AND has an ADSP discardable policy AND the
signature cannot be maintained intact then the list should bounce the
message.

+1

3) Is there a way for us (perhaps in a future version) to provide for
some sort of "encapsulation" that will allow the original
signature/message to be maintained even as the list does certain (as yet
unspecified) actions which might currently break the signature? Just
blue skying here.

I guess you could attach the entire original message to the message that 
you're generating.

In fact, the list could just send a message saying "This was posted to the 
list", preserving the subject line, I guess. I don't know how that would 
look in various mail clients....

4) I recognize the chorus which says "mail lists have always done things
a certain way and who are you to tell us how or what we have to do".
Having given that recognition, in creating an authentication model it
seems self defeating not to provide mechanisms for the authentication to
survive things like maillists (for those maillists/software providers
willing to adopt whatever we come up with). Those lists which have
always done things a certain way and wish to continue could do so - no
harm no foul.

Mike

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html



-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
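
Point 2 of the quoted message (bounce a post that is DKIM signed, has an ADSP discardable policy, and whose signature the list cannot keep intact), written out as a decision function. This is an added example, not code from the thread or from any list software. The function names, the injected `txt_lookup` resolver, and the sample post and DNS data are constructed; the record name `_adsp._domainkey.<domain>` and the `dkim=discardable` value follow RFC 5617. It assumes the signature has already been verified on arrival and treats any body change as breaking it.

```python
import email
from email.utils import parseaddr

def parse_tags(value):
    """Parse a 'tag=value; tag=value' list (DKIM-Signature header or ADSP record)."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def adsp_policy(domain, txt_lookup):
    """dkim= value from the TXT record at _adsp._domainkey.<domain>; 'unknown' if none."""
    for record in txt_lookup("_adsp._domainkey." + domain):
        policy = parse_tags(record).get("dkim")
        if policy:
            return policy.lower()
    return "unknown"

def list_action(raw_message, changed_headers, changes_body, txt_lookup):
    """Return 'bounce' or 'forward' for a post the list is about to modify."""
    msg = email.message_from_string(raw_message)
    author_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    signatures = [parse_tags(v) for v in msg.get_all("DKIM-Signature", [])]
    # Assumption: only signatures whose d= equals the author domain matter to ADSP.
    author_sigs = [s for s in signatures if s.get("d", "").lower() == author_domain]
    if not author_sigs or adsp_policy(author_domain, txt_lookup) != "discardable":
        return "forward"
    changed = {h.lower() for h in changed_headers}
    for sig in author_sigs:
        signed = {h.lower() for h in sig.get("h", "").split(":")}
        if not changes_body and not (signed & changed):
            return "forward"  # at least one author signature stays intact
    return "bounce"

# Constructed sample post and constructed DNS data (no network access).
SAMPLE_POST = (
    "From: Alice <alice@example.com>\n"
    "To: list@lists.example.org\n"
    "Subject: hello\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\n"
    " h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "\nbody\n"
)
SAMPLE_DNS = {"_adsp._domainkey.example.com": ["dkim=discardable"]}

def sample_lookup(name):
    return SAMPLE_DNS.get(name, [])
```

With the sample data, a list that tags the Subject line or appends a footer gets `bounce`, while one that only adds an unsigned header such as List-Id gets `forward`.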

