[ietf-dkim] Lists "BCP" draft available
Eliot Lear
lear at cisco.com
Mon May 17 22:51:58 PDT 2010
John,
> Yes, of course. The signature means that this message really truly
> came from the mailing list, as opposed to being a random piece of spam
> that happened to resemble list mail. What else would it mean? Lists
> have never promised that the original sender was "real" nor that
> messages aren't edited on the way through.
Lists never have had DKIM to deal with, so they've never had the option
to make any such promise. The signature lends the MLM's credibility to
the message, which in turn could hurt the MLM's credibility if it turns
out to be signing garbage. How else would a reputation for signers work?
The MLM wants to signal to the recipient the veracity of the origon.
That's why Murray's approach in the draft is to add an A-R header, which
he states in the draft goes beyond A-R's intent in terms of trust. An
alternative would be to simply not sign the message.
Eliot
More information about the ietf-dkim
mailing list