l= provides a benefit when the SIGNERS sign, and mailing lists DON'T DISTURB. This does happen, although we can debate how often. The key point is that if the mailing lists employ an anti-spam check and resign, there is probably no need for l=. This to me means that l= should be viewed as a Time To Market function to have more valid signatures out there, and is best obviated by deployment of DKIM in mailing list software. That's happened in some place, but not enough.
I stand by my point that it is perfectly feasible to mitigate any risks that l= introduces. But. Those risks DO have to be mitigated. So here's where I come down: nuke l=, but get the mailing list software people to sign. The big one I would want to tackle is MailMan. Eliot _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
