On 30/Jul/10 10:58, Douglas Otis wrote: > On 7/29/10 6:46 PM, Alessandro Vesely wrote: >> 1. There is no standard way for the domain to learn when any of its >> users subscribe to a new list. > > Disagree.
I'm happy to hear that. The possibility that a domain becomes aware of all of its users' subscriptions has been aired various times before. I think that is in many people's desiderata, and have even tried to devise a way of collaboratively doing it (fixforwarding.org.) Anyway, let's assume that a domain has somehow managed to maintain a database of all the lists that its users are subscribed to. That domain signs all outbound mail and publishes a non-default ADSP. I propose that, when a message is destined to a list, the author domain signs a few header fields only, not the body, and tags the message with a (signed) list-signature-required sort of advice. Messages to multiple list and non-list recipients have to be split, regularly signing the non-list copy. Another way of achieving the same effect would be to standardize all acceptable message changes, together with a MIME-compliant canonicalization. We've already noted that in some cases (plain text, poster-added subject tags, not signing "Content-Type", l=) it may work as-is. For the general case, and for the time being, the advice requiring the added list signature guards against replay attacks: Verifiers must ensure that both signatures are valid, unless they are the domain whose signature is missing. >> 2. Granting a TPA implies a good degree of trust. > > Most mailing lists would be safe for a domain in their position to > authorize. Except that phishermen.com may set up a mailing list for the sole purpose of getting that auth. W.r.t. TPA, this joint-signature proposal only authorizes messages actually destined to a mailing list. Although the list can change the whole body, it is still constrained by the few signed fields. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html