On Fri, Jun 19, 2020 at 12:03 PM Pete Resnick <[email protected]> wrote:
> On 19 Jun 2020, at 13:38, Dave Crocker wrote: > > > The description of what a Mediator might do is not incompatible with > > also viewing it as having characteristics of a publisher: > >> > >> ### [5.3](<https://tools.ietf.org/html/rfc5598#section-5.3>). Mailing > >> Lists > >> > >> > >> ... > >> In addition to sending the new message to a potentially large > >> number > >> of new Recipients, the Mailing List can modify content, for > >> example, > >> by deleting attachments, converting the format, and adding > >> list- > >> specific comments. > > Fair enough, but as you mention below, in the case of the common mailing > list, the intent is simply to redistribute the message with minimal > change (hence the retention of the Message-ID: and the From:). That > said, I do disagree with the reasoning given with regard to why > 5321.MailFrom has changed: It's not because of the authorship, but > rather because it is responsible for the submission onto the network, > just as the ReSender is in 5.2. > > > Note that in terms of email transport, it is posting a new message. > > Strictly in terms of transport, yes. But in terms of the layer above > (the 5322 layer), it is usually the same message; see the second Note: > in RFC 5322 section 3.6.4: > > Note: There are many instances when messages are "changed", but > those changes do not constitute a new instantiation of that > message, and therefore the message would not get a new message > identifier. For example, when messages are introduced into the > transport system, they are often prepended with additional header > fields such as trace fields (described in section 3.6.7) and > resent fields (described in section 3.6.6). The addition of such > header fields does not change the identity of the message and > therefore the original "Message-ID:" field is retained. In all > cases, it is the meaning that the sender of the message wishes to > convey (i.e., whether this is the same message or a different > message) that determines whether or not the "Message-ID:" field > changes, not any particular syntactic difference that appears (or > does not appear) in the message. > > > Mediators really have complete freedom to do whatever they want. If > > describing the full range of what a publisher might do, it would cover > > the same range. > > Well, "complete freedom" in the sense that no Internet police prevent > such actions. But for most mediators, large substantive (for interesting > definitions of "substantive") changes are outside of the scope of their > definitions, and would probably invite someone to say, "That's not being > a mediator." Certainly that would happen in the case of an alias or a > resender. > And if we knew how to encode and verify that the mediator sticks to that, we could enforce it with policy. There were several attempts to come up with alternative signing schemes that would allow messages to pass through mailing lists and still be verified as "untampered" with, and we were unable to come up with such a thing. Perhaps we could have constrained ourselves to a 80 or 90% solution, and that would have been sufficient and a better solution than From header rewriting. Everyone has their opinion on the must haves for mailing list message modification, and it becomes quickly intractable. Brandon
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
