> >3. If it decides that it should pass, the mailing list should LEAVE the
> >existing signature (that part is not universally agreed on, of course,
> Since the signature won't verify any more, I don't see the point.
> There have been some proposals to standardize a header that a verifier
> could add to say that it found a good signature, and the outgoing
> signer could sign that,
And possibly the signature header as well, assuming it was retained.
> but I'm not sure that's any more useful in
> practice. How much list mail do you get where there's a question
> about whether the nominal sender really sent a message? Again, in my
> experience it's rare enough that we are reduced to citing individual
> spoofed messages.
Even supposing the information is theoretically useful in a non-negligible
number of cases, how would you propose to communicate these semantics to a
novice user? The semantics of a single DKIM assertion are already pretty tricky
- as evidenced by the debate we've been having. I see little hope of making
this case clear enough to be useful in practice.
> >The mailing list may, of course, choose to re-sign the message even if
> >it does not mangle it, which is all the more reason to leave the
> >original (still-valid) signature there.
> If the list happens to do little enough to the messages that the
> signature still passes, that's fine. I just want to make sure that
> surviving lists is a non-goal, because it's a hopeless swamp.
And getting deeper all the time.
Ned
_______________________________________________
ietf-dkim mailing list
http://dkim.org
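The scheme sketched in the quoted text (a list verifies the incoming signature, records the result in a header, leaves the original signature in place, then re-signs covering both the result header and the old signature) can be traced end to end in a few dozen lines. The following is an added example, not code from the thread or from any DKIM implementation: HMAC with constructed shared keys stands in for DKIM's RSA signatures so it runs offline, the body and header canonicalization is a simplified relaxed-style version, and the result header is modelled on Authentication-Results (RFC 8601, the header later standardized for this purpose). The domains, selectors and message are constructed.

```python
import hashlib
import hmac

# Constructed keys: HMAC stands in for DKIM's RSA signatures so this runs
# offline. Real DKIM publishes a public key in DNS under selector._domainkey.
KEYS = {"author.example": b"author-secret-example",
        "list.example": b"list-secret-example"}


def canon_body(body):
    """Simplified relaxed-style body canonicalization: strip trailing
    whitespace on each line and drop trailing empty lines."""
    lines = [ln.rstrip() for ln in body.split("\n")]
    while lines and lines[-1] == "":
        lines.pop()
    return "\n".join(lines) + "\n"


def canon_headers(headers, names):
    """Select each named header, last occurrence first as DKIM does, so a
    signature prepended later never shadows the older one it covers;
    canonicalize as lowercase name plus whitespace-collapsed value."""
    out = []
    for name in names:
        for n, v in reversed(headers):
            if n.lower() == name:
                out.append(name + ":" + " ".join(v.split()))
                break
    return "\n".join(out) + "\n"


def parse_tags(value):
    """Split 'k=v; k=v' signature tags into a dict."""
    return {k.strip(): v.strip() for k, _, v in
            (p.partition("=") for p in value.split(";") if p.strip())}


def sign(headers, body, domain, selector, signed_names):
    """Prepend a DKIM-style signature over the body hash, the listed
    headers and the signature's own tags (with b= still empty)."""
    bh = hashlib.sha256(canon_body(body).encode()).hexdigest()
    prefix = "v=1; a=hmac-sha256; d=%s; s=%s; h=%s; bh=%s; b=" % (
        domain, selector, ":".join(signed_names), bh)
    data = canon_headers(headers, signed_names) + "dkim-signature:" + prefix
    b = hmac.new(KEYS[domain], data.encode(), hashlib.sha256).hexdigest()
    return [("DKIM-Signature", prefix + b)] + headers


def verify(headers, body, sig_value):
    """Recompute the body hash, then the signature over the listed headers."""
    tags = parse_tags(sig_value)
    if hashlib.sha256(canon_body(body).encode()).hexdigest() != tags["bh"]:
        return False
    prefix = sig_value[: sig_value.rindex("b=") + 2]
    data = canon_headers(headers, tags["h"].split(":")) + "dkim-signature:" + prefix
    expected = hmac.new(KEYS[tags["d"]], data.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tags["b"])


def relay_through_list(headers, body):
    """The scheme from the thread: verify on entry, record the result in a
    header, leave the original signature untouched, append a footer, then
    sign under the list's key, covering the result header and the old
    signature."""
    orig = next(v for n, v in headers if n.lower() == "dkim-signature")
    result = "pass" if verify(headers, body, orig) else "fail"
    headers = [("Authentication-Results", "list.example; dkim=%s header.d=%s"
                % (result, parse_tags(orig)["d"]))] + headers
    body = body + "\n-- \nlist.example footer\n"
    return sign(headers, body, "list.example", "lst",
                ["from", "subject", "authentication-results", "dkim-signature"]), body


def recipient_view(headers, body):
    """What the final receiver can establish: a verdict per signing domain,
    plus the result the list recorded (trustworthy only while the list's
    own signature, which covers it, still verifies)."""
    verdicts = {parse_tags(v)["d"]: verify(headers, body, v)
                for n, v in headers if n.lower() == "dkim-signature"}
    ar = next((v for n, v in headers if n.lower() == "authentication-results"), "")
    return verdicts, ar


def demo(tamper=False):
    # Constructed message from the author domain, signed, then relayed.
    headers = [("From", "alice@author.example"), ("Subject", "Hello list"),
               ("Date", "Mon, 1 Jan 2007 00:00:00 +0000")]
    body = "Hello, list.\n"
    headers = sign(headers, body, "author.example", "sel", ["from", "subject", "date"])
    headers, body = relay_through_list(headers, body)
    if tamper:  # the recorded result is rewritten downstream of the list
        headers = [(n, v.replace("header.d=author.example", "header.d=other.example")
                    if n == "Authentication-Results" else v) for n, v in headers]
    return recipient_view(headers, body)
```

Running `demo()` gives the situation the thread describes: the author's signature fails at the recipient (the footer changed the body hash) while the list's signature passes and covers a header saying the author's signature verified on entry. `demo(tamper=True)` shows the flip side: once anything covered by the list's signature is altered, that signature fails and the recorded result carries no weight at all, which is the extra semantic step a recipient (or its user) has to understand.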