So as far as I can tell, we're at a point where lots of people think they
want MLM survivability of signatures, or at least the chain-of-trust
capability, but no proof that the increased risk is worth the increased gain.
I would quibble with the word "lots". Perhaps "a few highly vocal."
Put me in the camp that says there's no problem that's come up in 40 years
of MLMs that this would solve, and in the unlikely event that it actually
were a problem, signing an A-R header would work lot better, since it
includes a signature from the MLM, which is what we really want.
To the claim that there are MLMs that won't do that, if I count the number
of MLMs in the world vs. the number of sending and receiving mail hosts,
upgrading all the MLMs is a whole lot more likely than upgrading all of
the mail hosts.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html