On 18/May/10 19:16, John R. Levine wrote:
It'll be the one that's not broken, I presume. If there's more than one
unbroken signature, I guess the signing domain might want to match the
list-id header.
Unfortunately, that header does not make a net distinction between the
list-label and the domain-name. Perhaps, the list-label could be made
explicit using the local part of the "i=" tag (RFC 5672 exemplifies a
"mailing list manager" for this datum.)
Why is it important to match signatures? If there's a valid signature
with a good rep, deliver the mail. If the mail turns out to be nasty,
decrease the rep of all of the valid signatures. Why make this more
complicated than it needs to be?
To recommend any special treatment for mailing lists --e.g. tweaking
FBL routes-- we should also say how a verifier can recognize a list
message when it sees one.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html