Re: [dmarc-ietf] ARC questions

John R Levine <johnl@taugh.com> Sun, 22 November 2020 19:56 UTC

Date: 22 Nov 2020 14:56:23 -0500
Message-ID: <8fa2d88c-55df-aa8e-932f-8f7bc97d741@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Michael Thomas" <mike@mtcc.com>
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
In-Reply-To: <884541e6-5076-7f8f-d1d2-d68ea9c5a2bc@mtcc.com>
References: <dcc265f9-a143-5093-eba0-94ee059c7cc7@mtcc.com> <20201122021417.B5E6E27B3E59@ary.qy> <CABuGu1pX=5ZC4RLsv19qrosRN9nCrPdeSk5Xg4O7ViEZit6dnA@mail.gmail.com> <453c4db4-fc62-dc76-5b15-707623d66f9f@mtcc.com> <64f18b-ae8-8c15-3d33-ff2d864c35bc@taugh.com> <884541e6-5076-7f8f-d1d2-d68ea9c5a2bc@mtcc.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-1126026243-1606074983=:15720"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/NWpsF8mlYZOXPkPnS8KIL6-6pqY>
Subject: Re: [dmarc-ietf] ARC questions

On Sun, 22 Nov 2020, Michael Thomas wrote:
>> The ARC signature has a sequence number so you can track the chain of 
>> custody.  You are right that it is similar to the DKIM signature but the 
>> extra overhead doesn't seem excessive.
>> 
> Did the wg consider just grafting that onto the DKIM signature itself instead 
> of having essentially a duplicate signature? Receivers are already supposed 
> to ignore any tags they don't understand so it shouldn't hurt backward 
> compatibility.

ARC is an experiment that came from the people who designed DMARC.  It's 
not a WG product.

Having adapted the perl DKIM module to handle ARC signing and 
verification, I can say that the extra signature is not a big deal.  If 
you look at mail coming from large mail systems, they're full of other 
junk headers and the extra overhead of AMS along with DKIM is not 
important.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
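
The chain of custody that the ARC sequence number provides, shown as an added example (not from the original message, nor from the Perl DKIM module it mentions): the three ARC header fields are grouped by their `i=` instance tag and checked against the structure RFC 8617 requires. The sample message, its domains and selectors are constructed, and no signature is verified cryptographically.

```python
import re
from email import message_from_string

FIELDS = ("ARC-Seal", "ARC-Message-Signature", "ARC-Authentication-Results")

# Constructed sample: two ARC-signing hops. Domains, selectors and the
# bh=/b= values are placeholders, not real signatures.
SAMPLE = """\
ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=list.example; s=sel; b=PLACEHOLDER
ARC-Message-Signature: i=2; a=rsa-sha256; d=list.example; s=sel;
 h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER
ARC-Authentication-Results: i=2; list.example; arc=pass; dkim=pass
ARC-Seal: i=1; a=rsa-sha256; cv=none; d=fwd.example; s=sel; b=PLACEHOLDER
ARC-Message-Signature: i=1; a=rsa-sha256; d=fwd.example; s=sel;
 h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER
ARC-Authentication-Results: i=1; fwd.example; dkim=pass
From: author@sender.example
Subject: constructed example

body
"""

def tag(value, name):
    """Value of one tag=value pair in a header field, or None."""
    m = re.search(r"(?:^|;)\s*%s\s*=\s*([^;\s]+)" % re.escape(name), value)
    return m.group(1) if m else None

def arc_chain(raw):
    """Return (ok, hops) from a structural check; no signature is verified."""
    sets = {}
    msg = message_from_string(raw)
    for field in FIELDS:
        for value in msg.get_all(field, []):
            i = tag(value, "i") or ""
            if not re.fullmatch(r"[1-9][0-9]?", i) or int(i) > 50:
                return False, []      # instance must be 1..50
            if field in sets.setdefault(int(i), {}):
                return False, []      # two headers of one kind for one hop
            sets[int(i)][field] = value
    # Instances must run 1..N with no gap (no ARC headers at all also fails).
    if not sets or sorted(sets) != list(range(1, len(sets) + 1)):
        return False, []
    hops = []
    for i in sorted(sets):
        seal = sets[i].get("ARC-Seal", "")
        if len(sets[i]) != 3 or tag(seal, "cv") != ("none" if i == 1 else "pass"):
            return False, []
        hops.append((i, tag(seal, "d")))
    return True, hops
```

`arc_chain(SAMPLE)` returns the sealing domains in handling order; a gap in the instance numbers, an incomplete set or an unexpected `cv=` value makes it return `(False, [])`.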