Date: Fri, 20 Aug 2010 23:27:05 -0400 (EDT)
We've had a lot of arguments about the importance of verifying the identity
of contributors to mailing lists. If you think that's important, take a
look at this message.
Even though Mailman has added a subject line tag and a message footer, the
S/MIME signature still verifies
It was going well until Date: 21 Aug 2010 16:59:08 -0400 when the message of
John's failed to verify. So 25% failed.
, and your MUA should show a green star or
whatever, at least once you've told it to import my S/MIME cert. Mailman
automagically wrapped the multipart/signed in multipart/mixed. And the
signing cert has both my full e-mail address and my True Name.
At a conceptual level how the MUA shows validity information is important
going by John's descriptions. In the quick illistration here S/MIME sometimes
works and sometimes doesn't. Enhancing the MUA display with DKIM validity
information could be an important differenciator for an end user.
So I suggest we update the DKIM MLM draft to take out all the stuff about
signatures surviving lists, and just say that if it's important for your
signature to survive,
The DKIM standard has gone a long way to ensure interoperatibility and the
ability to survive canonicalisation changes, header field additions and is
careful about which header fields are recommended for signing purely based on
survivability. Taking an approach saying we don't care if DKIM survives MLMs
is a step in the opposite direction. This is not a proposal I support.
S/MIME already does that, with a suitable pointer.
Not always. If S/MIME had a wider adoption perhaps DKIM wouldn't be needed.
Either way S/MIME hasn't got a wide adoption yet so abandoning guidance for
DKIM-Friendly lists seems premature especially if the hope in an takeoff in
S/MIME adoption after all its years of existance.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html