On 30/Aug/10 20:03, Murray S. Kucherawy wrote:
(1) Split the document into three documents: A DKIM MLM BCP that
discusses signing and verifying in the context of MLMs with no
value-add items addressed, a DKIM MLM Informational that discusses
possible value-add enhancements to MLMs in the DKIM world, and a
non-WG BCP about mailing lists irrespective of DKIM (Dave’s proposal);
-1, splitting the document should only occur as an author's decision
about topics unrelated to one another. If the doc contains any
normative text, then it should go for standard track. For clarity,
it should be enough to mark which sections of the document are
normative and which ones are only informative, as other docs do
(for one, http://tools.ietf.org/html/draft-moriarty-post-inch-rid).
(2) Tear out everything having to do with making author signatures
survive list relaying, dropping all that text altogether, and instead
pointing people at S/MIME or PGP (John’s proposal);
-1, this topic may need further discussion. Attribution of
responsibility for a message destined to _public_ MLMs is
particularly delicate, given possible replay attacks and FBLs.
While PGP and S/MIME are fine, they imply signers should abstain
from signing mail for MLMs. Is that what we want to recommend?
Two techniques have been proposed for enabling signers to limit the
extent of responsibility they take, joint signatures and From-%-
rewriting; did we reach any conclusion about them? Are there more?
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html