On Tue, Nov 24, 2020 at 7:27 PM Douglas Foster <
dougfoster.emailstanda...@gmail.com> wrote:

> Michael, I think the purpose is stated well enough:   Mailing lists want
> to keep adding their content to messages, without being blocked by
> recipients.   This means that they have to provide recipients with enough
> information for them to accept the forwarded content.   Google and
> Microsoft seem to be on-board with this project, so it seems pretty
> successful already.   This train is not easily stopped.
>

That sounds about right.  Put another way: DMARC's success is at least in
part stymied by what MLMs do that invalidates DKIM; ARC is an attempt to
carry forward from the MLM, in a credible way, an indication of what the
MLM saw in terms of DKIM results when the message got to the MLM.  So then,
although an author signature will fail post-MLM, the MLM signature will
pass, and the ARC data will tell you that the author signature was good
when the MLM got it.  If you trust the chain, then that can be an
alternative to the DKIM input when the final recipient performs a DMARC
evaluation.

Sections 1 and 7.2.1 of RFC 8617 do say all of this, though perhaps not as
concretely as one might like.

In my opinion, ARC does leave a lot of unanswered questions about how you
> use the data that ARC provides.   Again, the big organizations have the
> brain power at their disposal to figure that out for themselves, later.
>

This is why it was published as Experimental.  Its efficacy is not (yet)
known, nor are any side effects.  Although, now that you have me thinking
about it: It's been a year; have we any meaningful data about this yet?

It seems like a lot of software logic to create an ARC set, even more code
> to parse it, and even more code to use it intelligently.   This is a big
> problem if you are trying to write the code yourself, but a small problem
> if you have a big programming organization.
>

When I implemented it, there was a great deal of processing logic that was
recycled from DKIM.  That was advantageous.  But I agree, someone
implementing ARC with no context at all could easily find it a challenge to
get it to interoperate.

-MSK
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to