Russ,
> When we designed the MLA mechanism, we assumed that each mail
> list would have a separate key pair and certificate. I do not
> think that this is an unreasonable assumption. Today, Web servers
> that support more than one site have a certificate for each of the
> sites.
I had reached this conclusion on further reading of 2634. Whilst being
able to use a single certificate (and ACs for example) for hundreds of
lists would be useful, it is not a major concern at the moment.
My main issue was to have a mechanism to indicate on whose behalf
a signed receipt was generated (e.g. in the case of an "All"
request from an ML).
Either a specific field in the Receipt structure, or just an extension
mechanism (which may be more generally useful).
Graeme