[ietf-dkim] Concerns about DKIM and mailiing lists, etc.
phoffman at proper.com
Wed Mar 15 14:18:48 PST 2006
At 2:05 PM -0800 3/15/06, Michael Thomas wrote:
>And then what? What would you have my receiver do differently just
>because some random third party inserted a signature?
There is no "random third party" here. It is a mailer that the user
gets mail from. The signature would match the content of the message
that they got, including list-specific content such as List-*
headers, the possibly-munged Subject line, and the possibly-munged
What they would do differently is validate the signature, see that it
is from someone who is supposed to be signing the message, and accept
it, just like they do for regular mail.
>In any case, we're only talking about
>one valid signature since the mailing list torqued the original signature.
If there is WG agreement that there can only be one DKIM signature
per message, then the mailing list removes the existing signature and
replaces it with its own. If there is WG agreement that there can be
parallel or cascading signatures, then the mailing list adds its
The fact that the WG has not yet decided how to handle multiple
signatures does not mean that it won't in the future.
More information about the ietf-dkim