ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DMARC: perspectives from a listadmin of large open-source lists

2014-04-16 07:59:10
from [Michael Richardson] [Permanent Link] 

It's clear to me that we need at least a non-WG mailing list for this
*technical* discussion.  Fixing the mailing list problem may require
fundamental changes in how things work; and I think that is okay.
Maybe we could try this NNTP thinkg I've heard about :-)

Pete Resnick <presnick(_at_)qti(_dot_)qualcomm(_dot_)com> wrote:
    > a decision on which lists to send to, that's a different thing.) If the
    > originator's site is going to allow that, you could create a mechanism
    > where
    > the originator's site gets some sort of cryptographic data from the
    > mailing list site and include that in its signed message, such that
    > when the eventual

so, what you are saying is that based upon the (SMTP) To: address, the sender
needs a signal that this is a mailing list, and some way to react.
Maybe this could be combined with various SMTP DANE mechanisms, or at least,
maybe "Additional RR" could return that kind of information.

I think that there are a whole bunch of architectually important things
here.  The signal has to come early enough to either modify the DKIM process,
or if the signal comes rather late (such as during SMTP delivery), then it
needs to be possible to redo the DKIM process.  I think that this will be
challenging for many large installations where there are multiple layers of
outgoing SMTP delivery machines, and DKIM is just a stage in the process.

But, I don't think it is impossible.
Consider all the other meta info that could be stored along with the "I am a
list" signal... things like how to subscribe, unsubscribe, location of
archive, etc.

Imagine if that signal also changed the protocol from SMTP to NNRP POST?

    > And again, this is only if the originator indicates that it *wants* to
    > allow its users to have their mail redistributed. The site is well
    > within rights to ndicate that it doesn't want that to happen, and a
    > friendly mailing list would bounce the mail in that case.

Running code.  we need someone to fund and participate in an experiment.
 (cf: other thread about not participating in SDOs anymore)


--
Michael Richardson <mcr+IETF(_at_)sandelman(_dot_)ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

Attachment: pgpUQFwkXPie4.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DMARC and yahoo, Yoav Nir
Next by Date:  Re: "why I quit writing internet standards", Thomas Clausen
Previous by Thread:  Re: DMARC: perspectives from a listadmin of large open-source lists, Pete Resnick
Next by Thread:  Re: DMARC: perspectives from a listadmin of large open-source lists, Miles Fidelman
Indexes:  [Date] [Thread] [Top] [All Lists]