On 8/11/2018 2:20 PM, Murray S. Kucherawy wrote:
Sign one" (I think you mean "seal one") remains ambiguous to me, because
as Seth said, once I see "cv=fail", I don't care about anything else.
Now I have a seal nobody cares about, which means the sealer shouldn't
be bothered with generating it, irrespective of what gets fed to the hash.
+1*10**inf.
There has been a persistent desire to find a way to continue to process
an ARC sequence that is broken, as if that will somehow make it unbroken
or, at least, /less/ broken.
It won't.
As soon as a broken ARC chain is detected, ARC is -- or at least should
be -- finished. ARC-aware not should stop processing ARC for that
message. Completely stop.
If there is a clear and compelling counter-argument of clear benefit
that can be achieved, will be achieved, and is desired by receivers,
what is it?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc