Instance number please. Less calculation.
On Fri, 5 Jan 2018, at 16:18, Murray S. Kucherawy wrote: > On Wed, Jan 3, 2018 at 6:28 PM, Kurt Andersen (b) > <kb...@drkurt.com> wrote:>> On Wed, Jan 3, 2018 at 11:20 PM, Bron Gondwana >> <br...@fastmailteam.com> wrote:>>> __ >>> I assume this was the one that you wanted my clarification on? >> >> >> Yes, thanks >> >> >>> >>> >>> But let's rewrite it as oldest-pass, because that's clearer. >>> Your case:>>> >>> >>> * ARC 1: cv=none, ams.oldest-pass=0 >>> * ARC 2: cv=pass, ams.oldest-pass=1 >>> * ARC 3: cv=pass, ams.oldest-pass=2 >>> * ARC 4: cv=pass, ams.oldest-pass=3 >>> * final recipient ADMD ARC verifier would find cv=pass and evaluate >>> ams.oldest-pass as 4.>>> >>> And my case where 2 and 3 didn't change anything: >>> >>> * ARC 1: cv=none, ams.oldest-pass=0 >>> * ARC 2: cv=pass, ams.oldest-pass=1 >>> * ARC 3: cv=pass, ams.oldest-pass=1 >>> * ARC 4: cv=pass, ams.oldest-pass=1 >>> * final recipient ADMD ARC verifier would find cv=pass and evaluate >>> ams.oldest-pass as 4.>>> >>> From which the final recipient can also see that, if they trust ARC >>> 4 not to lie, neither ARC 2 or ARC 3 changed anything which was >>> covered by ARC 1's AMS.>>> >>> There is no need to trust either ARC 2 or ARC 3's signatures in my >>> example, which is the point here. Even if ARC 2 or ARC 3 are not >>> yet known or trusted, you can tell that they didn't modify this >>> particular message.>>> >>> >>> >> >> Very helpful - thanks. I think that expressing it in the positive "oldest- >> pass" form makes the point much clearer. Unless there is an outcry >> from the rest of the group, I'd like to change to this terminology.> > Just to be clear, we're saying "*.oldest-pass" will contain the > instance number of the most recent AMS that passed? Or is it the > distance from the verifier to the most recent passing ADMD?> > -MSK > _________________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc -- Bron Gondwana, CEO, FastMail Pty Ltd br...@fastmailteam.com
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
