[ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request
John R. Levine
johnl at iecc.com
Tue Aug 10 10:52:11 PDT 2010
> DKIM is a particular service. An MLM will typically destroy a DKIM
> signature. If destruction doesn't count as "conflict with" then I don't know
> what does.
I can live with Murray's language, but I'm seeing what appear to me to be
some fairly basic disagreements about what DKIM does.
My understanding is that it's intended to combine a modest integrity check
of messages in transit with a responsible identity. That's all it does.
In particular, it's not intended to provide long term bullet proof message
protection, and (disregarding ADSP) there's no semantics assigned to the
absence of a valid DKIM signature.
The arguments about the alleged importance of preserving inbound
signatures are silly for a bunch of reasons. One is three decades of
practice in which nobody has worried about recipients verifying the
identities of list contributors. (I can't help but note the absence of
S/MIME or PGP signatures on the mail of people who argue otherwise.)
Another is the observed consistent practice of sorting and I believe
filtering based on the characteristics of the list rather than individual
Also, if one believes that we should rewrite MLMs to provide some tortured
way to pass through signatures, or to cater to misimplementations that
penalize broken signatures, why stop there? Many lists are read through
online reformatters like pipermail. Should we demand they all get
rewritten to preserve DKIM signatures? If not, what's the difference?
More information about the ietf-dkim