ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Lists "BCP" draft available

2010-05-25 12:36:56
from [Brett McDowell] [Permanent Link] 
On May 24, 2010, at 9:08 AM, John R. Levine wrote:


I guess the list should be rejecting his email! Then, perhaps, his 
organisation would get around to deploying a non-discardable domain.


I've suggested it.  They know they have a problem, but they won't yet say 
what they're going to do about it.



I'll be happy to report on our decision once we've implemented it.  FWIW, I 
agree with the recommendations made on this list, at least in the short-term.  

Step one: was to start using anything that wasn't under an ADSP=discardable 
assertion (so here I am using a me.com account).  

Step two: is to do something along the lines of what's been recommended here (a 
non-discardable domain).  

Step three: fix the status quo for *participating* MLM's by offering up a new 
technical solution that enables MLM's to assert that they've validated the 
original sender's signature.  


As you may recall, they suggested that lists sign an A-R header and all 
recipient systems track what lists they're subscribed to and do 
complicated processing to see whether list mail was signed when it showed 
up at the list.  


That is a mischaracterization of what I proposed.  What I actually proposed was:


On Apr 26, 2010, at 1:19 PM, McDowell, Brett wrote:


On Apr 26, 2010, at 10:05 AM, MH Michael Hammer (5304) wrote:


I think we are having the wrong discussion. The real question is:

"What are appropriate practices for mailing lists in handling DKIM
signed mail?"


Agreed.

From my perspective, I'd like to enable (not mandate or expect universal 
compliance with) the deployment scenario where the sender's DKIM signature 
is either maintained without adulteration or "proxied" by the list so the 
transient trust can be carried through the mailing list intermediary to the 
destination (per Murray's note which I'm also going to respond to).  That's 
my use case.  By sharing this use case I'm not trying to deprecate or 
undermine John Levine's original use case.  But there is a diversity of 
valid/appropriate behavior by mailing lists vis-a-vis DKIM that we need to 
consider (which is why I'm so pleased to see Mike H. take our discussion in 
this direction).

-- Brett


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Lists "BCP" draft available, Ian Eiloart
Next by Date:  Re: [ietf-dkim] more on discardable, was Lists "BCP" draft, J.D. Falk
Previous by Thread:  Re: [ietf-dkim] Lists "BCP" draft available, Roland Turner
Next by Thread:  Re: [ietf-dkim] ADSP, was Lists "BCP" draft available, John R. Levine
Indexes:  [Date] [Thread] [Top] [All Lists]