[ietf-dkim] Re: DKIM and mailing lists

Stephen Farrell stephen.farrell at cs.tcd.ie
Mon Jan 23 13:41:05 PST 2006



Dave Crocker wrote:
> 
>> This is very interesting. For our antispam system I'd like to be able
>> to distinguish between mailing list traffic and person to person
>> traffic, since they largely have very different characteristics.  In
>> this sense, to me, 'do the right thing' would be to re-sign the
>> message -- we've been able to use Yahoo! Groups (re)signing as a
>> feature.  I'm sure that others could easily argue that doing the right
>> thing is to leave the message in a way that encourages the final
>> receiving system to check the initial signature, so they could apply
>> rules based on the original author.
> 
> Hmmm.

Indeed.

> Sounds like good reasons for two, different styles of signature use.

Ok, just for the moment, let's assume that we did that.

I guess the obvious next question then would be: why only two? That
is, are there other use cases which are sufficiently different that
some level of extensibility is needed?

This could represent a potential slippery slope, but if we added
some kind of signature typing, with each type having associated
rules, we could define two types now (perhaps originating MTA
and list server) and then someone else could define others later
on.

But is there a need for that?

> Sounds like a good reason to permit both and let operators and users, in 
> the wild, play with them and find out what scenarios are the most helpful.
> 
> Therefore it seems that,
> 
>    a) we should not specify DKIM in a way that makes either scenario 
> automatically break -- where "automatically" means that a user of DKIM 
> might, on their own, do something to break one or another scenario --  and
> 
>    b) we should not recommend or require either scenario, although 
> non-normative discussion could provide helpful pedagogy, to show DKIM's 
> possible flexibility.

Nice summary,
S.


