Actually we need to validate two assertions:
* That the mail came from the stated author, e.g. PHB.
* That the mail was relayed by the IETF mailing list.
Well, yes, but those are easy. What's hard is demonstrating that the
message that the list relayed is the same in a semantic sense as the
message that Phill sent, even though it has the kind of changes that lists
make, a tag in the subject line, a footer at the bottom, and attachments
stripped.
See the last decade or so on the DKIM and now DMARC mailing lists for
endless not very productive discussions about ways to describe permitted
changes without also allowing vast amounts of spam and phishing, leavened
by blithe assertions that mailing lists have been doing the wrong thing
for 40 years and should never make any changes to messages at all.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.