Re: [dmarc-ietf] WGLC ARC-16 concern on Section 5.1.2 - cv=fail should sign greedily

Luis Muñoz <lem@uniregistry.link> Wed, 25 July 2018 21:46 UTC

From: Luis Muñoz <lem@uniregistry.link>
To: Seth Blank <seth@sethblank.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
Date: Wed, 25 Jul 2018 14:46:24 -0700
X-Mailer: MailMate (1.11.3r5509)
Message-ID: <33404ED3-6683-4802-8223-78AFBACA7805@uniregistry.link>
In-Reply-To: <CAD2i3WMMJPaZYonS-qcz8pwOKYmS2Xe+8WBZPuAqjiGoYePzSg@mail.gmail.com>
References: <CAD2i3WMMJPaZYonS-qcz8pwOKYmS2Xe+8WBZPuAqjiGoYePzSg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; markup="markdown"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/0cJsT-d2-YEOY_XCvFshUTgw9kQ>

On 25 Jul 2018, at 14:34, Seth Blank wrote:

> The proper guidance should be that the ARC-Seal MUST sign the ARC Chain in
> its entirety, unless that is structurally impossible, in which case it
> should only sign itself.

There should be a clear indication in the ARC-Seal about which of the
branches above was taken.

-lem