[ietf-dkim] SSP and mailing lists
Steve Atkins
steve at blighty.com
Mon Sep 11 19:54:02 PDT 2006
On Sep 11, 2006, at 7:13 PM, Hector Santos wrote:
>
> ----- Original Message -----
> From: "Steve Atkins" <steve at blighty.com>
> To: "IETF DKIM WG" <ietf-dkim at mipassoc.org>
>
>>> I can see that now being added to our list server product during the
>>> subscriber process so that the owner doe not get embroiled in
>>> damaging
>>> signatures, thus helping the domain protect themselves.
>>
>> I'm hearing what sounds like a lot of FUD. Could you expand on
>> the details of what you perceive as a "damaging signature"?
>
> No FUD.
>
> Just look at all the signed DKIM messages in this IETF-DKIM list.
> They are
> damaged DKIM signed messages. 100% failures!
>
> No FUD.
>
> Now, if this list server was DKIM-Ready, as suggested in the DSAP
> proposal,
> it can take pre-emptive steps to deny restrictive domains from
> subscribing
> to the list or atleast send a warning to the subscribing email address
> saying any Signed Mail will be damage due to the MLS behavior to
> alter the
> integrity of the message.
Ah, I misunderstood. Your concern is that some mail transports,
including mailing lists, will invalidate a messages signature,
causing it to be unsigned.
That's certainly true, though I see it more as an example of
the futility of expecting DKIM, and anything based on it,
to be able to decide between "this is authorized mail" and
"this is unauthorized mail" rather than between "this is
authorized mail" and "I don't know whether this is
authorized or not".
Cheers,
Steve
More information about the ietf-dkim
mailing list