[ietf-dkim] Re: dkim service
johnl at iecc.com
Thu Oct 13 11:58:20 PDT 2005
>3. If it decides that it should pass, the mailing list should LEAVE the
>existing signature (that part is not universally agreed on, of course,
Since the signature won't verify any more, I don't see the point.
There have been some proposals to standardize a header that a verifier
could add to say that it found a good signature, and the outgoing
signer could sign that, but I'm not sure that's any more useful in
practice. How much list mail do you get where there's a question
about whether the nominal sender really sent a message? Again, in my
experience it's rare enough that we are reduced to citing individual
>The mailing list may, of course, choose to re-sign the message even if
>it does not mangle it, which is all the more reason to leave the
>original (still-valid) signature there.
If the list happens to do little enough to the messages that the
signature still passes, that's fine. I just want to make sure that
surviving lists is a non-goal, because it's a hopeless swamp.
More information about the ietf-dkim