> So as far as I can tell, we're at a point where lots of people think they > want MLM survivability of signatures, or at least the chain-of-trust > capability, but no proof that the increased risk is worth the increased gain.
I would quibble with the word "lots". Perhaps "a few highly vocal." Put me in the camp that says there's no problem that's come up in 40 years of MLMs that this would solve, and in the unlikely event that it actually were a problem, signing an A-R header would work lot better, since it includes a signature from the MLM, which is what we really want. To the claim that there are MLMs that won't do that, if I count the number of MLMs in the world vs. the number of sending and receiving mail hosts, upgrading all the MLMs is a whole lot more likely than upgrading all of the mail hosts. Regards, John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
