On Tue, 23 Aug 2005, Keith Moore wrote: > > I think that authors that want to protect their reputations can arrange for > their messages to have DKIM authorship signatures, and also advertise (say via > DNS) that their messages will have such signatures. Whether this is done via > an MUA, or via a special submission server, or whatever, is up to the author.
You can only do this in the MUA because only the MUA can tell the difference between a new message and a re-submission. However DKIM is designed to be deployed in an MTA in the usual case. > I also think that submission servers can sign their messages in such a way as > to be traceable to who (re)submitted the message (based on the authenticated > ID) and to identify to whom the message was sent. I agree, and plan to do exactly that on my servers :-) DKIM already supports this mode of use. However the submission server cannot trivially include the list of recipients in the message signature and remain compatible with BCC (which is one of our requirements). Though perhaps something like LOAF could be used instead of a simple list of recipients, though the Bloom filter might be a bit too bulky. http://loaf.cantbedone.org/about.htm Tony. -- f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/ BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR GOOD. _______________________________________________ ietf-dkim mailing list http://dkim.org
