On Wed, 2004-10-27 at 15:17 -0700, Dave Crocker wrote:
On Wed, 27 Oct 2004 22:54:48 +0100, Tony Finch wrote:
There's no inherent reason that a message shouldn't have
signatures both from the original sender and the mailing list
resender, or either, or neither.
multiple signatures adds complexity.
given the problematic history of getting any widespread use of email
encryption, we should look for the very, very simplest approaches to
things.
That would be a scheme which is based on the RFC2821 address, and hence
doesn't _need_ to survive mailing list mangling. I suspect that there is
indeed a place in the world for such a scheme.
A scheme which accepts the added complexity of using the various RFC2822
addresses should also be able to support multiple signatures. It isn't
_that_ much more complicated and it's useful.
--
dwmw2