Welcome back, Hector. ARC has important differences from ATPS. ARC allows a forwarder to request trust from an evaluator, depending upon the level of trust that the evaluator is willing o grant to the intermediary. The originator is not involved. The evaluator may be able to use ARC data to accurately identify the originator and assign reputation to that originator.
ATPS allows an originator to ask an evaluator to trust an intermediary. It requires the originator to know who will be forwarding his messages, and whether those entities are trustworthy or not. The evaluator has to trust the intermediary, the originator, and the originator's judgement. This is a less plausible request. Forwarding without ARC will partially or fully hide the identity of the originator, which makes ARC desirable for any forward, with or without changes.. I just regret that ARC does not ensure that all of the pre-forwarding identities (server, SMTP address, and From address) can be extracted from the ARC data, so complete identification of the originator is not assured. DF DF On Sun, Mar 26, 2023 at 2:26 PM Hector Santos <hsantos= 40isdg....@dmarc.ietf.org> wrote: > Wouldn’t it be far easier to add the trusted 3rd party domains in some DNS > table or lookup, ala an ATPS-like protocol? The RFC5322 ARC overhead is > horrendous. Never mind the complexity evolved to implement. > > On Mar 24, 2023, at 7:17 PM, Seth Blank <s...@sethblank.com> wrote: > > Microsoft is using ARC quite heavily, and has reported on this list and at > M3AAWG of the impact it makes > > Microsoft even has on their public roadmap that tools are being built for > their customers to enable per-customer sealers that they choose to trust: > https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=dmarc > > On Fri, Mar 24, 2023 at 5:06 AM Steven M Jones <s...@crash.com> wrote: > >> On 3/24/23 3:48 AM, Douglas Foster wrote: >> > >> > Do we know if any entity other than Google is successfully using ARC >> > as an evaluation tool? >> >> >> FWIW: In late 2021 a "German company" reported that it was able to >> "recover" about 10% of messages that had failed other authentication >> checks by validating ARC. >> >> > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
