(Sorry Murray, I missed the tail of your message.)
On 05/13/2016 05:24 AM, Murray S. Kucherawy wrote:
> Yes, AS[1] testifies to the Authenticated-Results of receiving the
message
> from the originator.
That only proves the first receiver was involved. A final
receiver may trust
its results or not.
What is the first receiver reporting if not the authentication
claims made by the originator?
They could equally be reporting fraudulent claims in order to defeat
email security systems at (a) downstream receiver(s).
...meaning nodes 0 (originator) and 1 are in collusion? Sure, that's
possible, but how would requiring an i=0 thwart such an arrangement?
No, "they" meaning the i=1 party. Having a third-party originator state
their own assertions in a form that ARC will include in its chain allows
the receiver to make decisions based upon the trust of the i=0 party,
even where they don't trust the i=1 party.
Also, no requirement, just an option for Originators. Per my earlier
message though, I'd now suggest that this is a job for a new 7601.Method.
- Roland
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
