On Wednesday 24 August 2005 01:41 pm, Hector Santos wrote:
"Frank Ellermann" <nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> writes:
Trading it for a mailing list issue. I hope the DKIM list
finds a robust FWS-canonicalization, it's no rocket science.
Yeah, thats a big one.
Even if a mailing list resigns, it may break the original domain signing
policy. It raises the issue that the user might be prevented from
submitting a signed message into a list or even that a user might have to
use a different domain that is for signing purposes if its going to be
invalidated all the time. Thats a big change for users.
S/MIME and OpenPGP both allow signatures over signatures, and OpenPGP has a
draft concept of 'chain of custody' for forwarding and re-signing. I presume
that the DKIM folks will need to address this in some way as well.
Regards,
- Brian