[ietf-dkim] draft-ietf-dkim-mailinglists-02 review

Wed Sep 1 14:43:10 PDT 2010

> -----Original Message-----
> From: ietf-dkim-bounces at mipassoc.org [mailto:ietf-dkim-
> bounces at mipassoc.org] On Behalf Of Scott Kitterman
> Sent: Wednesday, September 01, 2010 4:56 AM
> To: ietf-dkim at mipassoc.org
> Subject: Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review
> 
> > At this point, unless we can cut back the MLM document to stick to
> > items that we have consensus about, e.g., that it is typical for
> > signatures applied to incoming mail not to verify after a message
> > passes through an MLM, and that it would be nice if a list or its MTA
> > signed its outgoing mail, I don't think we will produce anything that
> > is useful to anyone.
> 
> If that's all we can say, I'd say don't bother.  I don't see much value
> in the
> DKIM working group saying it thinks mail should be signed by DKIM.

I also submit that a two-paragraph document saying "Lists should sign mail" and "Lists should reject traffic from ADSP discardable domains" is not worth the effort to push through to publication as an RFC.  If that's the kind of clear-cutting we agree on, let's just make them new paragraphs or sections in a revision to the deployment document whenever we get around to it, and declare this document dead.

Personally I do see use in the document's current form.  Although I realize MLMs haven't done the work to preserve signatures in the past, I get the feeling there's desire out there for that to start to happen; receivers want it, for whatever reason, and I don't hear a lot of people coming out against the idea.  Are we really on solid ground telling them "You don't need/don't want/can't have it?"

I find the "Nobody's ever wanted this, why should it change now?" argument about MLM behavior antithetical to the whole DKIM premise.  The same logic there would sound like "Nobody's ever had a reliable identifier on a message before, what makes you think it's needed now?"

Maybe if people say they want preserved author signatures, and we encourage MLMs in the direction of preserving author signatures, and they're willing to give it a go, then it is indeed worth making a more meaty statement about it.