[ietf-dkim] Why mailing lists should strip DKIM signatures
Murray S. Kucherawy
msk at cloudmark.com
Fri Apr 23 15:28:43 PDT 2010
> -----Original Message-----
> From: John Levine [mailto:johnl at iecc.com]
> Sent: Friday, April 23, 2010 2:34 PM
> To: ietf-dkim at mipassoc.org
> Cc: Murray S. Kucherawy
> Subject: Re: [ietf-dkim] Why mailing lists should strip DKIM signatures
> >If I'm running a mailing list and I get a piece of signed mail, I'm
> >certainly not removing its signature. The signer's reputation should
> >suffer if people complain, or benefit in the absence of a complaint.
> Well, gee, in that case since I don't control or even know the way you
> manage your lists, I don't dare sign anything I send you. If you (the
> generic you, not Murray) start to do a lousy job of managing your
> lists, why is that your subscribers' problem?
If you begin to get complaints because you are on some list whose owner isn't bothering to conduct list hygiene, I would imagine you'd ultimately unsubscribe from the list and find or create another one that's properly managed. And I imagine a lot of other members of that list would follow, even if only because you all also find the overall list's content to be irritating.
In terms of reputation systems that might rely on DKIM, I doubt a single incident would or should be enough to clobber your reputation entirely. And in fact I'd want my good content to hit some lists signed so that more receivers get a chance to collect data that I'm a good guy.
I don't think it's a big stretch to think as reputation rolls out, people will be more discerning about how and where they send mail.
> >Even without thinking of the FBL issues, I would want a reputation
> >system to be fully informed about a candidate system rather than
> >only partially informed.
> Me too. Mail from the list is the responsibility of the list. QED and
> all that.
But if you redact the original signature, you're only providing some of the information that could be provided to the receiver.
> >I spoke to a couple of people about this in Anaheim: A way of using
> >DKIM and Auth-Results to establish a definite chain of custody of a
> >message would be highly useful.
> Hmmn. Was this in the context of mailing lists, or in general?
Lists, specifically, in that instance. Something like: X sends to a list at Y that then relays to Z; Z trusts Y to implement DKIM and Authentication-Results and all that properly, so Z believes Y when it says "X had a signature on here that verified" even if X's signature on arrival at Z is either invalid or absent.
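The chain-of-custody check sketched above (X posts to a list at Y, Y relays to Z), as an added example that is not part of this thread: Python that parses Authentication-Results headers in RFC 8601 syntax and lets Z accept a trusted list's dkim=pass assertion about X when X's own signature no longer verifies at Z. The domains alice.example and lists.example, the constructed message, and the relay_sig_verified flag (standing in for Z having verified Y's own signature) are assumptions.

```python
import re
from email import message_from_string

# Constructed sample: X (alice.example) posted to a list at Y (lists.example).
# Y verified X's signature, recorded that in Authentication-Results, then
# appended a footer and relayed to Z, so X's signature no longer verifies at Z.
# The DKIM-Signature tag values are placeholders, not a real signature.
SAMPLE = """\
Authentication-Results: lists.example 1; dkim=pass header.d=alice.example; spf=pass
DKIM-Signature: v=1; a=rsa-sha256; d=alice.example; s=sel; h=from:to; bh=PLACEHOLDER; b=PLACEHOLDER
From: alice@alice.example
To: list@lists.example
Subject: test

hello
-- list footer
"""

# One dkim result inside the results part of an Authentication-Results header,
# optionally followed by the header.d= property naming the signing domain.
AR_DKIM = re.compile(
    r"dkim=(pass|fail|none|neutral|policy|temperror|permerror)"
    r"(?:[^;]*?header\.d=([\w.-]+))?")

def load(raw):
    """Parse a raw RFC 5322 message string (header parsing only is needed)."""
    return message_from_string(raw)

def relayed_dkim_pass(msg, trusted_authservs, relay_sig_verified):
    """Domains for which a trusted relay (Y) asserted dkim=pass.

    Z only believes the header if the authserv-id is one Z trusts AND Y's own
    signature verified at Z (assumption: the caller checked that); otherwise
    anyone could forge a flattering Authentication-Results line."""
    if not relay_sig_verified:
        return set()
    passes = set()
    for hdr in msg.get_all("Authentication-Results", []):
        authserv, _, results = hdr.partition(";")
        if authserv.strip().split()[0] not in trusted_authservs:
            continue
        for status, domain in AR_DKIM.findall(results):
            if status == "pass" and domain:
                passes.add(domain.lower())
    return passes

def origin_signature_status(msg, origin_domain, own_dkim_result, trusted, relay_ok):
    """Z's decision: prefer its own verification, else fall back to Y's claim."""
    if own_dkim_result == "pass":
        return "verified-locally"
    if origin_domain.lower() in relayed_dkim_pass(msg, trusted, relay_ok):
        return "verified-by-relay"
    return "unverified"
```

Authentication-Results headers that carry an authserv-id Z does not trust are ignored here; a receiver would normally also strip any that claim Z's own authserv-id before adding its own.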