[ietf-dkim] list vs contributor signatures, was Wrong Discussion
Alessandro Vesely
vesely at tana.it
Tue Apr 27 11:43:47 PDT 2010
On 27/Apr/10 18:34, John R. Levine wrote:
> It just doesn't seem realistic to expect to be able to use contributors'
> signatures for list mail for a variety of reasons.
>
> Most lists will break signatures, for a variety of reasons that aren't
> going to change, starting with subject line tags.
Couldn't that be standardized, or taken into account using the List-*
headers?
> If the signature is
> broken, you need something else so the list can assert that a message was
> signed when it arrived. But such assertions are only credible if the list
> itself is trustworthy.
You mean DKIM-enabled?
> If you already know you trust the list, how much practical benefit is there to the assertion?
None. But lists who don't require DKIM to accept posts may happen to
publish occasional forgeries.
BTW, are there lists that require DKIM "pass" to accept posts?
More information about the ietf-dkim
mailing list