[Mailman-Developers] dkim-signature headers

Joe Peterson joe at skyrush.com
Fri Feb 9 05:53:57 CET 2007 

Barry,

Nice document.  I still feel like I do not know enough about the
ramifications of stripping or not stripping the DKIM signature to be
sure of the right default, and I still think we could use some more
information and understanding of all of the factors.  However, Your
proposed default of not stripping the signatures seems reasonable, since
at least it preserves the forensic information.  At least Mailman sites
will have the opportunity to adjust this should we find that one way or
the other is clearly correct.

Thanks for putting the effort into studying this.  Clearly, these
(DKIM-like) technologies are not yet mature and there is a lot to
consider (email and all of its possible interactions are quite complex),
and I hope that the interaction (what has happened and what is to come)
between the Mailman developers and the DKIM developers can help to make
it all really workable!  To make DKIM, or something like it, widely
accepted as a standard, it clearly has to be able to handle mailing
lists, and ideally, with good integration and good specs, it will be
able to do so elegantly and deterministically (and not just "99%").

						-Joe


Barry Warsaw wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Feb 7, 2007, at 8:20 PM, Mark Sapiro wrote:
> 
>> John W. Baxter wrote:
>>
>>> On 2/7/07 8:46 AM, "Barry Warsaw" <barry at python.org> wrote:
>>>
>>>> Should we strip DKIM by default or not?
>>> Not strip by default.
>>>
>>> Even though that changes the default vs the most recent Mailman,  
>>> it leaves
>>> the default alone for everyone who jumps to 2.1.10 from earlier  
>>> versions.
>> I think I am swayed by the arguments in this thread to favor Not Strip
>> as the default, and I agree with John WRT its not being a behavior
>> change for many.
> 
> Me too.  Here's my discussion on the topic, including a concrete  
> proposal for Mailman 2.1.10 and 2.2/3.0.  Feel free to comment on the  
> wiki on in this thread.
> 
> http://wiki.list.org/x/OgM
> 
> - -Barry
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (Darwin)
> 
> iQCVAwUBRctro3EjvBPtnXfVAQIHMAP/X4kZL4llpLMLf0rtePsf15092VsF8Old
> AMZmEvkJ/MtFT1mTm+cFjWg6i4/wUHfP2LIBr8AwNcO8MIUHUbjOB7fLCn41v93n
> FIKLIlFp6liFqjv3167Mz1SRRnb5r5KAReyCoyRww+ogo/AgVn8HmekoG74DOwGp
> v/SJuD1YcPQ=
> =CuhH
> -----END PGP SIGNATURE-----
> _______________________________________________
> Mailman-Developers mailing list
> Mailman-Developers at python.org
> http://mail.python.org/mailman/listinfo/mailman-developers
> Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
> Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/
> Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/joe%40skyrush.com
> 
> Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
>

More information about the Mailman-Developers mailing list