Re: [dmarc-ietf] ARC questions

John R Levine <johnl@taugh.com> Wed, 02 December 2020 20:35 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B4533A1491 for <dmarc@ietfa.amsl.com>; Wed, 2 Dec 2020 12:35:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=FyjJylNP; dkim=pass (2048-bit key) header.d=taugh.com header.b=YFRFpzoT
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sAHkXmyILJYD for <dmarc@ietfa.amsl.com>; Wed, 2 Dec 2020 12:35:08 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F5913A148B for <dmarc@ietf.org>; Wed, 2 Dec 2020 12:35:08 -0800 (PST)
Received: (qmail 27331 invoked from network); 2 Dec 2020 20:35:07 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=6ac1.5fc7fa7b.k2012; i=johnl-iecc.com@submit.iecc.com; bh=trRLRstrRuZ+SELhHGkyLKq1TK1qZJdOVuMPIAUIui8=; b=FyjJylNPw8U3/Zcq95kAfQJCYjUa1B7dQyNy+1SKgMC61qFy4F2n57tLyNBud39uCuB2O3LlfRYtAS7py20JomOMgDhG0MbhEP3RaGVBxfA4vs6KbxPkicLB8gVtXjbUaxOYmGAEW21d2N9VpHmclm/tNEhopAacBSH9RZkUk0Tx7Itst7wIRNRJjf4V+IppyO+DNu6WDMpnevGoglVsxfmBdjBld8DlcGr34PfAaCKs2v0wlJtnG05u/4acaS7jpo4SdREJKoszUW93cptbToeaspy28MyHiypLW94uDDmfp3dXiBZNGAf+pe/2P8WUrsME2DqtlIFPYnWb99xpAA==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=6ac1.5fc7fa7b.k2012; olt=johnl-iecc.com@submit.iecc.com; bh=trRLRstrRuZ+SELhHGkyLKq1TK1qZJdOVuMPIAUIui8=; b=YFRFpzoTGktwjtcmIrvSlvLLJPsL9W3m/y3m3zCQuT78QaGLSneOohG7iSCraoVCjFacvq7ePotX32W2dgNrcdZYhY8f0Z0bv1GXUon21pfxmD+YlaV2xC/nJ2/NqWCLTQ1ugTnOrd03nEHKortwG/BAvuWqjMPMQPzrxeCjqqokj1CTzzXCftGH27YAfPfXneTdjYEkUWQoSkqqInfsVUbyrrArfew0agwPab8L67HvVXfkr9+oCwKJ5m1Z5cQmg4SfFikMPvkOfrwCirPmyCiexijDuPj9PMvAoROERxOAxwQeVm0h4+b9XSI1upfmq9DllL9I1bCuwC7yDXSqQg==
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 02 Dec 2020 20:35:06 -0000
Date: 2 Dec 2020 15:35:06 -0500
Message-ID: <17d886fd-49fd-28d8-f8e4-7caf2e85919c@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Michael Thomas" <mike@mtcc.com>, "Brandon Long" <blong@google.com>
Cc: "IETF DMARC WG" <dmarc@ietf.org>
In-Reply-To: <4190de2d-9f17-06d5-6354-30c989eecd4a@mtcc.com>
References: <20201124020453.AFDC027CE5C8@ary.qy> <cd855b53-d9bd-3412-3bd5-dc4b7720dc5c@mtcc.com> <CABa8R6s0bfs87Fu9eOq_R3WH1pngauVXrw3RSPe9iWWCtf3AmQ@mail.gmail.com> <c954eadd-5c85-c0d9-2168-8a42de506b72@mtcc.com> <CABa8R6swzAQLPU=xE2tr1W0J5r+w80BSYu87_ubMwHaUMgmKvA@mail.gmail.com> <1eed8278-4efa-4abc-15e0-2efcf014e82e@mtcc.com> <CABa8R6sEk+dHwHjBCKDgcmeT_Z3FymC5+jzy-GGa=7gJYvOf5A@mail.gmail.com> <446d491b-100a-9813-6463-2294f67bbda7@mtcc.com> <aafa5e78-aff9-8076-b76f-62f5b3a13fc1@taugh.com> <4190de2d-9f17-06d5-6354-30c989eecd4a@mtcc.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-1578719195-1606941306=:10647"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/gP8memUYZWBiQe-rRiqInsQyraQ>
Subject: Re: [dmarc-ietf] ARC questions
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 20:35:10 -0000

On Wed, 2 Dec 2020, Michael Thomas wrote:
>>> different in that respect. In fact as far as I can tell they are identical 
>>> modulo the i= difference.
>> 
>> Please reread the ARC spec.  The ARC-Authentication-Results at level N 
>> tells you whether the ARC and DKIM signatures were good at level N-1.

> That's why I said "modulo the i= difference"

Well, yeah.  That i= is why we have ARC seals rather than just using a 
DKIM signature.

Remember that ARC is only useful if the last system sending the message to 
you is reasonably trustworthy, not in the sense that it never sends spam, 
but in the sense that its ARC tells the truth about what it saw.  That's 
a low bar that any mailing list should be able to meet.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly