There's an interesting semantic issue here: Wietse Venema wrote: > What is not clear to me is the benefit of a mailing list signature > that is required to vouch for the authenticity of someone elses > FROM: address. I see this as a source of confusion with both users > and designers, and believe that this is a level of assurance that > not every mailing list or other forwarder can provide. > > There are (at least) two ways to view the choice of header fields to sign:
1. The signer takes responsibility for the signed header fields, and no others. 2. The signer takes responsibility for the message as a whole; the selection of signed header fields represents those which the signer considers sufficient to consider the message signed. I subscribe to view #2. It is considerably simpler to just be able to say "the message is signed" or not. -Jim _______________________________________________ ietf-dkim mailing list http://dkim.org
