On 18/May/10 19:16, John R. Levine wrote: >> It'll be the one that's not broken, I presume. If there's more than one >> unbroken signature, I guess the signing domain might want to match the >> list-id header.
Unfortunately, that header does not make a net distinction between the list-label and the domain-name. Perhaps, the list-label could be made explicit using the local part of the "i=" tag (RFC 5672 exemplifies a "mailing list manager" for this datum.) > Why is it important to match signatures? If there's a valid signature > with a good rep, deliver the mail. If the mail turns out to be nasty, > decrease the rep of all of the valid signatures. Why make this more > complicated than it needs to be? To recommend any special treatment for mailing lists --e.g. tweaking FBL routes-- we should also say how a verifier can recognize a list message when it sees one. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
