On 26 May 2011, at 14:40, John R. Levine wrote: >>> So this tells me that existing mail software doesn't try very hard to >>> recover signatures from modified messages, even for simple changes that >>> don't need any guessing or heuristics to undo. >> >> My client found the signature, otherwise it would not have commented on its >> validity. It just wasn't able to verify it. > > Hmmn. How does it like the copy of this message sent to you directly? The > signature was definitely good on the way out.
That looks fine. >> I think the long term solution would be for mailing list software to stop >> mucking around with the message body, and for MUAs to work better at >> exposing meta data added by lists (like the list-unsubscribe header). > > Actually, I think the long term solution is for people to stop pretending > there is a problem. Can you describe the operational problems you're > experiencing here? "Broken signatures" is a fact, not a problem. Mailing > lists have worked quite well for 40 years with no signatures at all, making > all sorts of random changes to the mail, so it has to be something more than > that. I didn't posit this as a problem. Others did. I jumped in at the point that you said s/mime was already a solution, with a message that proved otherwise. I also said that - if there's a problem with packages arriving broken - then the solution lies in making the paths smoother rather than increasingly fancy suspension. > Also, if you're suggesting changes to list software, please explain why they > would have greater benefits than the obvious and simple one to have lists add > their own signature on the way out. Well, I guess that there must be use cases where one would want to verify that the sender's message was unaltered. I accept that they're less common than with non-list mail, though. > Regards, > John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for > Dummies", > Please consider the environment before reading this e-mail. http://jl.ly -- Ian Eiloart Postmaster, University of Sussex +44 (0) 1273 87-3148 _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html