Re: [Ietf-dkim] Proposals for tolerating mailing list modifications

Fri, 04 Aug 2023 11:41:18 -0700 


On 8/4/23 11:31 AM, Tim Wicinski wrote:


Michael


Actually it appears draft-chuang-replay-resistant-arc is listed in the 
charter (I had to check for myself).
We can have the larger ARC discussion but I'll want to talk to Murray 
and Laura on that also.



And what of the mailing list traversal? That clearly has nothing at all 
to do with the current charter.



DKIM is a full internet standard. ARC is an experiment with no data 
given to show that it does anything that DKIM can't. Any proposal should 
be written in terms of modifications to DKIM itself, not some unproven 
experiment.


Mike



tim


On Fri, Aug 4, 2023 at 2:27 PM Michael Thomas <m...@mtcc.com> wrote:


    On 8/4/23 11:12 AM, Wei Chuang wrote:
    > Hi all,
    > I just wanted to mention two proposals for tolerating mailing list
    > modifications as suggested in person IETF-117. They both use ARC
    > headers as infrastructure, but go about tolerating mailing list
    > modifications in different ways.
    > 1) Disclose and reverse mailing list transforms so that we can
    > authenticate those messages with the original DKIM signature:
    >
    https://datatracker.ietf.org/doc/draft-chuang-mailing-list-modifications/
    > 2) Replay-resistant-arc draft proposes authenticating a sender
    defined
    > path from originating sender to receiver.  It also has the sender
    > specify the intended recipient to prevent replay amplification. 
    It is
    > insensitive to message body modifications:
    > https://datatracker.ietf.org/doc/draft-chuang-replay-resistant-arc/
    > Both approaches do not require trusting results in
    > ARC-Authentication-Results which has been a concern. Instead they
    > provide signatures and values that a third party can
    independently and
    > objectively verify.  Discussion of these drafts belong on the DKIM
    > list (ietf-dkim@ietf.org). Also just mentioning I've heard there
    are
    > other interesting related drafts.
    >
    What does this have to do with the current charter? ARC is
    off-topic and
    should be banned by the chairs. That is especially true since DKIM
    is a
    full internet standard and ARC is an experiment with no supporting
    data
    to show that it's done what it claims.

    Mike

    _______________________________________________
    Ietf-dkim mailing list
    Ietf-dkim@ietf.org
    https://www.ietf.org/mailman/listinfo/ietf-dkim

_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim

























					Reply via email to