In article <cantlugo_d1mz_v_341pc5o1mz7rhotrfa3+ob5-onp72+5u...@mail.gmail.com> you write: >The issue is that its possible for two separate arc implementations, given >the exact same message inputs, keys, timestamps, etc to be generating two >different, but equally valid ARC seal hashes.
DKIM does the same thing. The order of fields in a DKIM-Signature header is arbitrary, and the b= hash includes that header, so there are lots of different equivalent DKIM signatures for the same message and same selector and key. Verifiers use the DKIM-Signature header in the message so they get the same answer as the signer, which I would think would work the same way in ARC-Seal. Can you explain why you think this is a problem? R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc