[ietf-dkim] Clarifying DKIM (etc.) expectations for mailing lists in the face of digests

Dave CROCKER dhc at dcrocker.net
Wed Aug 4 14:52:00 PDT 2010 


On 8/4/2010 2:44 PM, Rolf E. Sonneveld wrote:
>> Phrased differently, the question I am asking is:
>>
>>      A mailing list digest does not preserve DKIM signatures from (any of) the
>> original messages, and this appears to be acceptable to the community.
>>
>
> Are you sure it is acceptable to everyone, or does the community take it as it
> is?

That's a fair question, and frankly I doubt much of the community is even aware 
of the issue.  So really I'm making an assumption.

Given that it is impossible to preserve the signature, when the message is 
embedded in another message, I'd be inclined to say that we need to see evidence 
from the community that that's not acceptable.


 >   I agree with you that there should be no difference regarding the treatment
> of the original DKIM signature, whether the message arrives in digest form or
> not. I'm still not convinced that the original DKIM signature is not relevant
> for the verifier of the message at the receiver side.

If they cannot verify the signature and the specification says to treat 
unverified signature the same as having no signature, then anything else the 
receiver chooses to do is outside of the specification.


> The tension that there is between the MLM being a User Actor and being a
> Mediator is illustrated with the following text you wrote in RFC5598:

I don't understand what you mean by "tension".  A Mediator is a type of User 
Actor.  It is not a Relay.


>>        RFC5322  <http://tools.ietf.org/html/rfc5322>.Reply-To:  Set by - Mediator or original Author
>>
>>           Although problematic, it is common for a Mailing List to assign
>>           its own addresses to the Reply-To: header field of messages
>>           that it posts.  This assignment is intended to ensure that
>>           replies go to all list members, rather than to only the
>>           original Author.  As a User Actor, a Mailing List is the Author
>>           of the new message and can legitimately set the Reply-To:
>>           value.  As a Mediator attempting to represent the message on
>>           behalf of its original Author, creating or modifying a
>>           Reply-To: field can be viewed as violating that Author's
>>           intent.
>
> If we look at the MLM as being a User Actor, then I agree that we should not
> care about the original DKIM signature. If however we consider the MLM as a
> Mediator, we should probably care about the original DKIM signature.
>
> Is there consensus that in the context of an MLM the original DKIM signature can
> be dropped and we should not care about it?
>
> /rolf

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

More information about the ietf-dkim mailing list