[Mailman-Developers] dkim-signature headers
barry at python.org
Fri Feb 2 05:12:17 CET 2007
On Feb 1, 2007, at 2:17 PM, Michael Thomas wrote:

> I've for quite a while thought that part of an ultimate DKIM BCP would
> give some guidance on what a "well behaved mailing list" would be. It
> would certainly be good if mailman were an example of that because at
> least at Cisco it accounts for the bulk of external mailing list
> we see.

I agree with both statements. Note that there are many email related
RFCs that are ambiguous in the mailing list use case. We make
choices based on our best interpretation but it's never fully
satisfactory. If there's a possibility to have DKIM specify what a
properly behaving mailing list should do (with of course, consensus from
this community and other listserver vendors), then I'm all for it.

> (at least by default). The main issue is that there is a security/
> tradeoff with the use of l=. That is, bad guys could append content
> On the other hand, *if* that comes to pass, receivers are completely at
> liberty to scan the covered and uncovered parts of the body
> delete the appended text, etc, etc.

Isn't it possible that from the point of view of the original sender,
the mailing list /is/ the bad guy?

(Note too that of course it's trivial to disable DKIM header
cleansing in Cisco's own copy of Mailman.)
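The l= tradeoff discussed in this message, as an added example that is not part of the original post and is not Mailman's or any DKIM library's code: a receiver-side check that hashes only the first l= octets of the body (RFC 6376 "simple" canonicalization, SHA-256) and reports whatever the signature does not cover, so it can be scanned or dropped. The function names and the sample message and footer are constructed for illustration.

```python
import base64
import hashlib


def canon_simple(body: bytes) -> bytes:
    """RFC 6376 'simple' body canonicalization: drop trailing empty
    lines so the body ends in exactly one CRLF (empty body -> CRLF)."""
    return body.rstrip(b"\r\n") + b"\r\n"


def body_hash(body: bytes, length=None) -> str:
    """Value of bh=: SHA-256 over the canonical body, cut to l= octets."""
    data = canon_simple(body)
    if length is not None:
        data = data[:length]
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def check(body: bytes, bh: str, length=None):
    """Return (verdict, uncovered). With l=, octets past `length` are
    outside the signature; the receiver gets them back separately."""
    data = canon_simple(body)
    if length is not None and length > len(data):
        return "fail", b""            # body shorter than the signer claimed
    if body_hash(body, length) != bh:
        return "fail", b""            # covered part was altered
    tail = b"" if length is None else data[length:]
    return ("pass-unsigned-tail" if tail else "pass"), tail


# Constructed sample: what the author sent, and what the list delivered.
ORIGINAL = b"Hello list,\r\n\r\nPatch attached.\r\n"
FOOTER = b"-- \r\nMailman-Developers mailing list (constructed footer)\r\n"
DELIVERED = ORIGINAL + FOOTER

L = len(canon_simple(ORIGINAL))       # signer's l= value
BH_L = body_hash(ORIGINAL, L)         # bh= when signing with l=
BH_FULL = body_hash(ORIGINAL)         # bh= when signing the whole body

if __name__ == "__main__":
    print(check(DELIVERED, BH_FULL))  # footer breaks a full-body signature
    verdict, tail = check(DELIVERED, BH_L, L)
    print(verdict, tail)              # signature survives; footer is flagged
    # A receiver that distrusts the tail keeps only the covered octets.
    print(canon_simple(DELIVERED)[:L] == ORIGINAL)
```

The check cannot tell a list footer from any other appended octets; both come back as the uncovered tail, which is why the receiver decides what to do with it.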