In article <e8ab65f6-0ba7-d8db-61c5-7fceb46b9...@bluepopcorn.net>, Jim Fenton <fen...@bluepopcorn.net> wrote: >Your use of "credible mediator" and "sleazy mediator" emphasizes that >we're depending on the mediator behaving responsibly. Given that's the >case, why not just expect a responsible mediator to verify the DKIM >signature (or maybe SPF) on the incoming message, check its alignment >with the From: domain, then make whatever modifications it wants to >make, then re-sign the message with the mediator's DKIM signature >containing a tag that says it did all of the above?
According to people I've talked to about ARC, because mailing lists don't do that. One of the things that makes it plausible that lists might implement ARC is that it doesn't ask for any changes in the internal operation of the list, just slap an ARC signature on the end. It's also useful for other kinds of forwarding that don't change anything but since they're forwards, SPF fails. This proposal makes lists sort through all of the changes they make and try to figure out which ones match a tag and which ones don't. That is surprisingly hard, e.g., I found that when you have multipart/alternative and add a message header, it edits the header text into both of the alternative versions. Good luck unscrambling that. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
