First, lets tune down the "40" years thing. What email list system was
around in 1970? Its more like 26 years with ListServ (circa 1985)
among the first and leading the way for the rest of the list server
developers.
There was, of course, list via X.400 but it was most of a "CC" like
mailing list and that was more of exclusive entry - not for the public
and I don't recall any real concerns about security other than being
accused of being a SPY!
When talking about the public, BBSes and Fidonet predated the Internet
and the Fidonet Echo Networking technology was the closest thing to
having network-based public groupware/discussions system. Before that,
probably CompuServ offers ideas of public groupware discussion areas
with there GO groups. We had GO XPRESS. You also have Prodigy with
public discussion groups. But outside of these fee base dialups into
X.25 networks, BBSes were among the first public way to have social
group telecommunications.
Anyway, needless to say, if DKIM was around even 50 years ago, or the
idea of authenticated email was around, list system and the entire
mail system would of taking on an entirely different path. We are
arguing it now. I don't see why we would not be arguing about it back
then if it was around.
So all this about the the past is really a moot point. We have DKIM
now, today, and it doesn't fit with list systems or any system that
has a natural integrity breaking process. Unless all the list
software and/or operators add Plug and Play hooks, to do the "Always
Resign" thing you want, we will always have the problems for a very
long time.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
John R. Levine wrote:
Perhaps an MLM's reputation is pulled up or down as the average of
those of its participants, so if the MLM can attract "good" senders,
suddenly entire threads start getting through. But that would only be
possible with signature survival.
In my experience, the reputation of the list is unrelated to the
reputation of its participants. For example, in my filters I deliver
mail from this list directly into the inbox without content filtering,
even though I discard mail sent directly from a few of the subscribers.
With 40 years of experience with MLMs, a lot of experiments have already
happened, and we should spend more time looking at the history rather
than guessing what might happen under some hypothetical circumstances.
For example, we don't have to do experiments to find out whether people
want an MUA to distingish between signed and unsigned parts of a
message. We've already had partially signed messages (like this one, if
you get it through the list) for over a decade, and MUAs don't care.
Either they don't see the signature at all (Thunderbird or Windows Live
Mail), or they show the message without any particular distinction
between the signed and unsigned parts (Evolution, Apple Mail, Alpine.)
If anyone's claiming that contributors' DKIM signatures on list mail are
important, a good start would be to look at how PGP and S/MIME
signatures have been treated during the many years they've been in use.
I don't see any harm in experiments like having an MLM adding a signed
A-R header to the mail, since it doesn't break anything that works now,
but I would want rather concrete evidence from anyone claiming that
people pay any more attention than they do to S/MIME signatures now.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for
Dummies",
Please consider the environment before reading this e-mail. http://jl.ly
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html