Murray S. Kucherawy responds to my (not-so-new) suggestion: >> Some days ago I tentatively suggested signing only part of >> some message parts, in particular part of the Subject header >> (excluding any future additions of "[list-identification]"),
> As I recall this was considered during the development of DKIM originally, > exactly for this reason. We rejected it because we couldn't come up with a > safe description of what a tag should look like. If arbitrary text is > allowed in there, then one could "tag" a spam URL at the front of a > legitimate message's Subject field and the signature would still pass. Right, but if that tag were explicitly deemed to be excluded from the signature, it could be handled differently. Hmm, but if this resulted in (for example) the tag not being displayed, then we would have gained nothing in the case of mailing lists. > Short of introducing legislation about what constitutes a "standard" set of > list modifications, which would be highly controversial Unlike, say, having mailing lists munge the "From:" header. ;-) > and consensus > firmly disliked, there wasn't a good path forward there, so the working > group dropped the idea. ... but okay, in view of the fact that this idea ends up not really gaining us much in terms of allowing mailing lists to tag their messages, I'll drop it. Anne. -- Ms. Anne Bennett, Senior Sysadmin, ENCS, Concordia University, Montreal H3G 1M8 [email protected] +1 514 848-2424 x2285 _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
