william(at)elan.net wrote:
On Thu, 28 Oct 2004, David Woodhouse wrote:
...
I want that too. That's why I want my own signature on a mail to survive
even if a mailing list resends it and signs it for itself, or if someone
else resubmits it with Resent-* headers to the mail system.
I agree.
Multiple signatures really aren't hard to do. It's _not_ that complex.
Let's not strive for simplicity at the cost of useful functionality.
Yes, If somebody wants to verify multiple signatures - let them do it,
that is their problem not ours that they want to do extra processing.
But in my opionion all signatures should be end-end and verify by any
subsequent email server in the path.
What I'm writing now may not be a good idea, but maybe a starting point.
Suppose MTA A signs a message, which will be received by some MTA B, which is a
ML server. For some reason, MTA B shall modify the message, so MTA A signature
do not verify anymore. But MTA B will sign again the message.
Does it make sense for MTA B to indicate in some way that he needed to modify
original message and that MTA A signature verified perfectly when he received it ?
Is there a way, for some final recipient C (using MTA C, which will check MTA B
signature), to trust the information added by MTA B about MTA A signature ?
--
---------------------------------------------------------------
Jose Marcio MARTINS DA CRUZ Tel. :(33) 01.40.51.93.41
Ecole des Mines de Paris http://j-chkmail.ensmp.fr
60, bd Saint Michel http://www.ensmp.fr/~martins
75272 - PARIS CEDEX 06
mailto:Jose-Marcio(_dot_)Martins(_at_)ensmp(_dot_)fr