David Gibbs wrote: > Bill Landry wrote: >> This may be true if the sender were adding the footer before signing and >> sending the message to the list. However, not true if it's the mailing >> list that is adding the footer after the original sender has already >> signed the message. > > As I understand it, in order for the signatures to be valid, the message has > to be signed by the sender ... because most mailing list software adds > headers.
As long as the headers are added in the proper order, they will not break DK & DKIM signing. But adding anything to the body will break the signatures, as the body is included as part of the signature. If you take a look at the headers of this message, you will see what headers I've included in my DK & DKIM signatures, as well as the message body. Any changes in any of these areas will render the signature invalid. > Mailman has specific functionality to remove signature headers so that the > message can be resigned as it's sent out. If that happens then the message is no longer signed by the original sender, but rather by the mailing list. Probably not a big deal for a mailing list, but would be in any person-to-person communications. Bill
