[ietf-dkim] what does DKIM do, was draft-ietf-dkim-mailinglists-01 review request

[Murray S. Kucherawy]

> -----Original Message-----
> From: ietf-dkim-bounces at mipassoc.org [mailto:ietf-dkim-
> bounces at mipassoc.org] On Behalf Of John R. Levine
> Sent: Tuesday, August 10, 2010 10:52 AM
> To: dcrocker at bbiw.net
> Cc: ietf-dkim at mipassoc.org
> Subject: Re: [ietf-dkim] what does DKIM do, was draft-ietf-dkim-
> mailinglists-01 review request
> 
> > DKIM is a particular service.  An MLM will typically destroy a DKIM
> > signature. If destruction doesn't count as "conflict with" then I
> don't know
> > what does.
> 
> I can live with Murray's language, but I'm seeing what appear to me to
> be
> some fairly basic disagreements about what DKIM does.
> 
> My understanding is that it's intended to combine a modest integrity
> check
> of messages in transit with a responsible identity.  That's all it
> does.

I don't think we're disagreeing.  The premise of the draft states simply that DKIM is a mechanism for attaching a (provable) domain name to a message as a means for taking some responsibility for it, and that some common MLM practices interfere with the delivery of that payload.  I don't think there's any express or implied claim in the document that DKIM does more than that.

But what you're saying seems antithetical to most of the document, which goes to some lengths to describe ways that MLMs and DKIM can co-operate better.  So should we not bother?

> The arguments about the alleged importance of preserving inbound
> signatures are silly for a bunch of reasons.  One is three decades of
> practice in which nobody has worried about recipients verifying the
> identities of list contributors.  (I can't help but note the absence of
> S/MIME or PGP signatures on the mail of people who argue otherwise.)

Though I don't claim to be able to predict the future, I can speculate that this could become an important thing as domain reputation gets rolled out.  So it might not matter now, but it could matter soon.