On Mon, Jan 23, 2006 at 10:18:59PM -0500, Hector Santos allegedly wrote: > > From: "Tony Hansen" <[EMAIL PROTECTED]> > > > > I'm tempted to say: if the mailing list is going to do > > *anything* to the message other than act as a simple > > reflector, it *must* strip out any existing dkim signature. > > What it does after that is up to the mailing list. > > This would make sense for certain policies. If the processor is going to
Actually I'm not sure why a list has to do anything in this case. If a failed signature is the same as no signature, then the very action of a mutating list has the effect of "stripping out" any existing sig. So why impose extra work on a list? And why not let the natural course of existing lists serendipitously "do the right thing"? Of the big benefit is instant compliance by a huge array of pre-existing list s/w. I also worry about the expectation of lists looking at policy - it's going to be many many years before a signer can expect their policy to be looked at by a significant majority of list s/w. In the intervening years they will be able to advertise as restrictive policy as they like and it will mostly be disappointed at the outcome. Mark. _______________________________________________ ietf-dkim mailing list http://dkim.org