> -----Original Message----- > From: ietf-bounces@xxxxxxxx [mailto:ietf-bounces@xxxxxxxx] On Behalf Of t.petch > Sent: Saturday, July 30, 2011 3:26 AM > To: Barry Leiba > Cc: ietf > Subject: Re: DKIM Signatures now being applied to IETF Email > > Sadly, I do not see it being used in the mailing lists where an > organisation is sending me directly data I would like to be able to rely on > - which I think fits the applicability well - and instead, I see it > being used on a mailing list such as those in the IETF where I > believe that the costs outweigh the benefits - and I have no choice > about that:-(. There has been some post-DKIM talk recently about the idea of "transient trust", wherein (to use this example) ietf.org would verify the signature on an arriving list submission, attach an RFC5451 header field that indicates the results of that verification, then send the message out to the list with that added field and a new ietf.org signature that "covered" it. Then, if you decide to believe ietf.org's claims about the original signature, you know more than you would otherwise. This hasn't been widely deployed yet, but some big email providers are currently playing with the idea. _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf