ietf-mailsig
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: mailing list software, was What does the mailsig mechanismmean?

2004-11-03 10:31:10
from [David Woodhouse] [Permanent Link] 

On Wed, 2004-11-03 at 17:06 +0000, Tony Finch wrote:

That algorithm gets the wrong "most recent sender" if you resend a message
to a mailing list. In that case the most recent sender is the mailing list
identified in the Sender: field, but the algorithm chooses your address
from the Resent-Sender: or Resent-From: field.


True. In that case we can't actually tell reliably which was most
recent, can we? Which means we'll just have to give the benefit of the
doubt -- if there's any way it could be legitimate, we mustn't reject
it. We can reject a mail with both Sender: and Resent-{From,Sender}:
headers only if _both_ parties claim that they'll always sign mail, and
a valid signature for _neither_ was found.

-- 
dwmw2
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: mailing list software, was What does the mailsig mechanismmean?, Michael Thomas
Next by Date:  RE: mailing list software, was What does the mailsig mechanismmean?, Dave Crocker
Previous by Thread:  RE: mailing list software, was What does the mailsig mechanismmean?, Tony Finch
Next by Thread:  RE: mailing list software, was What does the mailsig mechanismmean?, william(at)elan.net
Indexes:  [Date] [Thread] [Top] [All Lists]