On Wed, May 11, 2016 at 9:54 AM, Alessandro Vesely <ves...@tana.it> wrote:
> > [... assume ARC-Seal: i=0 still verifies ...] > > >>> ARC-0 is substantially equivalent to a weak signature. The ARC-Seal > >>> field proves that the originator was involved. ARC-Message-Signature > >>> is expected to be broken by forwarders. ARC-Authentication-Results may > >>> contain just an auth stanza, with a possibly redacted authenticated > >>> identity. > >> > >> Doesn't the i=1 ARC set also prove the originator was involved? > > No, it doesn't. > Could you say why not? It seems to me the i=1 ARC set is validating the message authentication provided by the originator. That seems to qualify to me as "involved" on the part of the originator. > > Yes, AS[1] testifies to the Authenticated-Results of receiving the > message > > from the originator. > > That only proves the first receiver was involved. A final receiver may > trust > its results or not. > What is the first receiver reporting if not the authentication claims made by the originator? Confused, -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc