[ietf-dkim] Re: I-D ACTION: draft-ietf-dkim-overview-02.txt
johnl at iecc.com
Mon Nov 6 14:58:37 PST 2006
>#8 Our charter calls for us to help mail list admins to be
>DKIM-friendly. I don't really know what that entails but I don't see
>section 9.3 providing it either. What to do? E.g. I would have
>thought saying the adding a "[LIST]" preface to the Subject would be
>unfriendly to messages where the Subject field was signed and might
>recommond some other list flagging scheme.
Assuming the overview is intended for people who are not already
familiar with DKIM, we should delete and replace most of this section.
The current wording gives the misleading and unfortunate impression
that if you want to use DKIM with mailing lists, you have to remove
all features from your list software added since about 1987. If I
were a list admin reading that, my response would be there's no point
in wasting time with DKIM since it doesn't work with the software that
my users and I already use.
Proposed new section 9.3:
A mailing list often provides facilities to its administrator to
manipulate parts of the mail messages that flow through the list. The
desired goal is that messages flowing through the mailing list will be
verifiable by the recipient as being from the list, or failing that,
as being from the individual list members.
In most cases, the list and/or its mail host should add its own
signature to list mail. This could be done in the list management
software, in an outgoing MSA or MTA, or both. List management
software often makes modifications to messages that will break
incoming signatures, such as adding subject tags, adding message
headers or footers, and adding, deleting, or reordering MIME parts.
By adding its own signature after these modifications, the list
provides a valid recognizable signature for list recipients.
In some cases, mailing list software is simple enough that signatures
on incoming messages will still be valid after being remailed by the
list. It is still preferable that the list sign its mail so that
recipients can distinguish mail sent through the list from mail sent
directly by list members, but in the absence of a list signature, a
recipient may be able to recognize and use the signatures of list
members known to the recipient.
More information about the ietf-dkim