ietf-mailsig

Re: Web pages for MASS effort

2004-12-06 12:12:14


On Dec 6, 2004, at 7:58 AM, David Woodhouse wrote:

> On Mon, 2004-12-06 at 07:39 -0800, Dan Wing wrote:
>> I personally agree but the consensus is that MASS only deal with
>> transitory authentication.
>
> Hm. Surely the whole question of mailing lists is irrelevant then,
> because we should only ever be trying to validate the _list_ address and
> not the original author's address anyway?

If the list signs messages, and the list's policy for accepting posts
"jives" with your policy for accepting email, you're right.

But if the list doesn't sign messages, or the list's policy is different
from yours (such as being less restrictive than your personal policy or
your company's policy), it seems you'll want the ability to discern if
the poster was authorized and make your own policy decision.

> If that's really a consensus which is set in stone already, then we're
> insane to be looking at RFC2822 identities, since the claim that they're
> 'visible' is a complete fallacy if you're talking only of the most
> recent identity which may be in a Sender: or Resent-From: header anyway.
> We should be using RFC2821 MAIL FROM: for that.

The IETF-MAILSIG mailer inserts a Sender: header and rewrites the MAIL
FROM; both are set to the same address.  My experience is that the
IETF-MAILSIG mailing list behavior is common mailing list behavior, so
I guess I don't agree that using Sender: is a bad idea.

-d

