> Misinformation and damage to reputation are two that come to mind. The > fact that a domain (or author within a domain) wishes to protect > themselves by signing what they write should not be discounted. This > should be true even (or particularly) when what they write or emit > passes through a mail list.
It just doesn't seem realistic to expect to be able to use contributors' signatures for list mail for a variety of reasons. Most lists will break signatures, for a variety of reasons that aren't going to change, starting with subject line tags. If the signature is broken, you need something else so the list can assert that a message was signed when it arrived. But such assertions are only credible if the list itself is trustworthy. If you already know you trust the list, how much practical benefit is there to the assertion? How often have you gotten mail from a real list with a faked sender? (In my experience, never other than a few obvious jokes.) And if that is a problem, rather than adding stuff to let list members detect the fake, why wouldn't it be better for the list to do it and not accept faked mail in the first place? R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html