[Mailman-Developers] dkim-signature headers
Stephen J. Turnbull
stephen at xemacs.org
Tue Feb 6 16:33:14 CET 2007
Michael Thomas writes:
> Let's be clear that I'm advocating a dialog here,
In some sense, there's very little room for dialog, unless it involves
substantial amendments to DKIM. This is inherent in the design: the
whole message is signed. Preserve it nearly verbatim or break the
This need not be a problem, however, as long as users can be taught
not to panic because one signature doesn't verify. See below.
> I'm hoping that we can come up with some finesse.
It's not obvious to me that a finesse is necessary or desirable. IMO,
the right answer is for mailing lists to sign the posts that pass
through them, and to publish a BCP that extols the manifold advantages
to lazy admins<wink> of vetting a bunch of mailing lists and then
trusting the signatures of the trustworthy ones.
The transition period may be painful, but so is spam.
> In any case, if you have some ideas about what list friendly
> wording is, I'd be happy to hear it.
After reading dkim-base-8, things are a lot clearer. Specifically,
the updated Section 4 makes it clear that there's no reason why a
mailing list is a second-class citizen:
Of course, a message might also have multiple signatures because it
passed through multiple signers. A common case is expected to be
that of a signed message that passes through a mailing list that also
signs all messages. Assuming both of those signatures verify, a
recipient might choose to accept the message if either of those
signatures were known to come from trusted sources.
While I could wish for a stronger endorsement, I realize that is about
as strong an endorsement as you'll find in an informative section in a
standards-track RFC. I guess in the BCP I'd like to see that language
(at least) repeated with encouragement to implementers to (eg) have
verifiers look for a mailing list signature if RFC 2369 headers are
present. The heuristic being the one I've been hammering on: if your
users are subscribed to a mailing list, they evidently trust it to a
greater or lesser degree. And of course users and ISPs should be
encouraged to use MUAs and servers that employ verifiers with those
By the way: *WARNING* Most of the links from the DKIM site point to
version dkim-base-7b, while the current version is dkim-base-8. The
latter has a much more satisfactory Section 4 (on multiple
signatures). Most recent version (currently v8) is here:
More information about the Mailman-Developers