ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Proposed changes to MLM draft

2010-08-31 06:35:01
On 30/Aug/10 20:03, Murray S. Kucherawy wrote:
(1) Split the document into three documents: A DKIM MLM BCP that
discusses signing and verifying in the context of MLMs with no
value-add items addressed, a DKIM MLM Informational that discusses
possible value-add enhancements to MLMs in the DKIM world, and a
non-WG BCP about mailing lists irrespective of DKIM (Dave’s proposal);

-1, splitting the document should only occur as an author's decision
   about topics unrelated to one another.  If the doc contains any
   normative text, then it should go for standard track.  For clarity,
   it should be enough to mark which sections of the document are
   normative and which ones are only informative, as other docs do
   (for one, http://tools.ietf.org/html/draft-moriarty-post-inch-rid).

(2) Tear out everything having to do with making author signatures
survive list relaying, dropping all that text altogether, and instead
pointing people at S/MIME or PGP (John’s proposal);

-1, this topic may need further discussion.  Attribution of
   responsibility for a message destined to _public_ MLMs is
   particularly delicate, given possible replay attacks and FBLs.

   While PGP and S/MIME are fine, they imply signers should abstain
   from signing mail for MLMs.  Is that what we want to recommend?
   Two techniques have been proposed for enabling signers to limit the
   extent of responsibility they take, joint signatures and From-%-
   rewriting; did we reach any conclusion about them?  Are there more?
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html