Hi Dave & John,
I read both of you as actually agreeing in principle. My issue was
whether a signature would confer more authority upon a message than
perhaps it deserved, and how would an MLM behave in terms of its
incentives. In thinking about this, I'd have to say that you're both
right, that either the MLM is taking responsibility for the message or
it is not. There may yet be a grey area for very sophisticated or
experimental MLMs (like "Hmm... SpamAssassin medium score; maybe let it
through but don't sign"), but then they don't need a BCP; we need them
to publish the results of the experiment ;-)
The only thing that leaves are non-participant MLMs and there really
isn't much to be done with them.
Eliot
On 5/22/10 7:50 PM, Dave CROCKER wrote:
On 5/17/2010 10:08 PM, John Levine wrote:
The signature means that this message really truly
came from the mailing list
Actually, DKIM makes no statement about authorship or even actors in the
handling sequence. It merely says that that verified domain is willing to
take
"some" responsibility for the message.
The more we slip into loose references to authorship or operational origins,
the
more we wind up having to dig ourselves out of semantic mismatches later.
If there is a desire and need to have the semantic be "came from the mailing
list" then there needs to be a mailing list equivalent to ADSP, which
correlates
a DKIM signature with the domain in a List-ID header field.
d/
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html