Is there a reason that there is a separate ARC-signature rather than just using the DKIM signature that is normally created for the new message? Since ARC is new, you'd not want the intermediary to stop DKIM signing the message so you end up with essentially two signatures doing essentially the same thing?
The ARC signature has a sequence number so you can track the chain of custody. You are right that it is similar to the DKIM signature but the extra ovehead doesn't seem excessive.
Regards, John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc