Broadly, yes. You'd need to trust the entire chain of ARC-signing forwarders of course.
- Roland [http://www.trustsphere.com/images/signatures/trustsphere.png]<https://www.trustsphere.com> Roland Turner | Labs Director Singapore | M: +65 96700022 roland.tur...@trustsphere.com<mailto:roland.tur...@trustsphere.com> ________________________________ From: dmarc-discuss <dmarc-discuss-boun...@dmarc.org> on behalf of Scott Kitterman via dmarc-discuss <dmarc-discuss@dmarc.org> Sent: Friday, 23 October 2015 10:42 To: DMARC Discussion List Subject: Re: [dmarc-discuss] A bit quiet? Okay. If I implement ARC as a receiver, then I ignore p=reject from Senders I trust not to lie to me if it passes ARC? Scott K On October 22, 2015 10:15:24 PM EDT, Roland Turner via dmarc-discuss <dmarc-discuss@dmarc.org> wrote: ARC provides a standardised, software-implementable, means for trustworthy forwarders to implement chain-of-custody records and therefore for receivers to reliably and simply automate assessments about messages received through trustworthy paths that are currently both generally too complicated to make other than by hand and - for longer forwarding chains than author->list->recipient - depend upon trusting untrustworthy data from several hops upstream. The decisions about who to trust remain more-or-less those which receivers already make, ARC extends the distance that that trust can be algorithmically extended. An untrusted bad guy gains nothing, except against a naive receiver who imagines that ARC is magic. See also naive receivers assuming that SPF passing meant that a message was not spam. Likewise DKIM passing. Likewise DMARC passing. The important change here is that, in addition to incorporating an assessment of the trustworthines! s of the author and/or the last hop, assessments of the trustworthiness of forwarders enter the picture. - Roland Roland Turner | Labs Director Singapore | M: +65 96700022 roland.tur...@trustsphere.com ________________________________ From: dmarc-discuss <dmarc-discuss-boun...@dmarc.org> on behalf of Scott Kitterman via dmarc-discuss <dmarc-discuss@dmarc.org> Sent: Friday, 23 October 2015 04:44 To: dmarc-discuss@dmarc.org Subject: Re: [dmarc-discuss] A bit quiet? On October 22, 2015 1:19:51 PM EDT, Franck Martin via dmarc-discuss <dmarc-discuss@dmarc.org> wrote: The fun is moving to ARC https://dmarc.org/2015/10/global-mailbox-providers-deploying-dmarc-to-protect-users/ How does that actually help? At least as I read the draft, anyone can make up a 'bad' message and an associated made up DKIM signature and then add their ARC stamp claiming the signature was valid when the message arrived? Scott K ________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html) ________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html) -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)