[ietf-dkim] MLMs and the use of multipart/alternative to preserve original DKIM signature and at the same time add a new DKIM signature
Rolf E. Sonneveld
R.E.Sonneveld at sonnection.nl
Tue Aug 3 06:30:17 PDT 2010
On 08/03/2010 02:13 PM, Bill.Oxley at cox.com wrote:
> When I receive an email from DKIM mailing list, I know that it may contain messages from Dave Hector John Doug et all but in my mind the from is DKIM mailing list. The only dkim sig I am interested in is ietf-dkim at mipassoc.org and if I bothered to check adsp for etf-dkim at mipassoc.org I wouldnt waste time checking any other signatures/adsp assertions from participants as I see a mailing list as an aggregator.
Again, I am not talking about ADSP.
> If I was designing mailing list software I would strip any incoming headers that made any assertions about the authors, sign the pile with my dkim sig and forward as designed. I would be asserting that etf-dkim at mipassoc.org is the author/aggregator not a forwarding service. Trying to have 3rd party in a hands off transaction assert or check that the authoring party may be who they say they are and making decisions upon adsp discardable that may or may not be valid is beyond any sensible solution.
> thanks, now back into lurk mode
>
Trusting the MLM may be possible for you personnly for this particular
mailing list, but your choice is not scaleable to the Internet at large.
Or is the general consensus that (in the long run) the reputation of the
MLM domain is sufficient for the verifier/receiver of MLM distributed
mail? I don't read that in the draft.
/rolf
More information about the ietf-dkim
mailing list