--On Monday, October 26, 2015 12:31 -0400 John R Levine
<johnl(_at_)taugh(_dot_)com> wrote:
For better or worse, we've got a perfectly good, standard, way
of doing that when the list is to be treated as the sender.
That would be to ask developers of list software to use
Resent-From.
ARC adds a cryptographic chain of signatures adopted from
DKIM. I suppose you could use an extended version of
Resent-From but it'd amount to the same thing.
There are two differences, for whose importance I appeal to Dave
Crocker's comments about educating users.
If I'm a casual (aka "normal") user
From: Joe Bloggs <bloggs(_at_)example(_dot_)com>
Resent-from: fubar mailing list <fubar-reply(_at_)example(_dot_)net>
Makes, or appears to make, good intuitive sense and involves no
information loss. If that user's MUA hides the Resent-*
field(s), not much is lost either, indeed it looks like status
quo with that hidden and some additional documentation
(supplementing the List-* fields) if it is displayed.
By contract, the DKIM fields are clearly designed for processing
by computers, not people. If they were routinely displayed to
those end users, I'd expect protests to MUA authors/vendors
asking that they be hidden as incomprehensible and annoying
noise.
That doesn't mean that an ARC signature chain is a bad idea. I
have doubts about its effectiveness in practice, but, if it
help, that is great. But changing the intuitive (and
business-letter-based) semantics of the "From:" field strikes me
as a bad idea that requires far more consideration than some
mail vendor (or cluster of such vendors) deciding it might make
their lives easier. Of course, a combination of
address/signature chaining with intelligent use of "Sender:"
and/or "Resent-*" might bring benefits with few or note of the
obvious disadvantages.
john