Re: [dmarc-ietf] ARC questions

John R Levine <johnl@taugh.com> Sun, 22 November 2020 19:14 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5597B3A0AD8 for <dmarc@ietfa.amsl.com>; Sun, 22 Nov 2020 11:14:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.2
X-Spam-Level:
X-Spam-Status: No, score=-0.2 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=RUuYkT2/; dkim=pass (2048-bit key) header.d=taugh.com header.b=lu59KnXR
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KUTULtIA9_lq for <dmarc@ietfa.amsl.com>; Sun, 22 Nov 2020 11:14:06 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3ACF33A0AC6 for <dmarc@ietf.org>; Sun, 22 Nov 2020 11:14:05 -0800 (PST)
Received: (qmail 16714 invoked from network); 22 Nov 2020 19:14:04 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=4148.5fbab87c.k2011; i=johnl-iecc.com@submit.iecc.com; bh=GLZN2iJBH2F86w1rf8AB8lxIxJvZ0PGBtzzXRlcXWbs=; b=RUuYkT2/diCDy6Yk06AmvObcmyNicTcOb4djYJThKHSoFKt04Zri0ttLB99nriIGcBHcKHGV0EjDbYAM9OvtmNdFWf8T4Qqdw1cMQeJ9OGZskJD5Jqn62LlJgyGyu2cvCh6J7/FMlxaE+dzkibYCvwOwC6WD28aS4+GNPgZZCuEBLsY/xcm2dzU7ES12rDOuKP2lc2I0VS/B36uwpPOY6SazYES0/nCaWndvz8ecByne+Ds8mbcv3ZAk7v3UVu7b5jXNe6HgXtGbWc8b0oj0YBTZetxvPOFqAx3NbphRIr8Ibxe4ad3XKpjKMYBiKMaHac7AdhAl90+78wyfp+Xt6w==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=4148.5fbab87c.k2011; olt=johnl-iecc.com@submit.iecc.com; bh=GLZN2iJBH2F86w1rf8AB8lxIxJvZ0PGBtzzXRlcXWbs=; b=lu59KnXRi7hcmpaOgkB1t7GIKf6ro0jorYUrIzqiJpTfS9l+MLz6BU3+bMidlNiNaO4k4GwVPGQr50TOt4BUMmsazQHgEkc3YzP3Z/+PrNrBtZZoHN8V1BNz0PY6YMKTDyDvxOrywLus8vnW6IAMN73xas2UBP6HnYZ+WVNw5jMsQ/oJFZ7odOU0lUeS40BI//LUyuZ8bj9vSJhRi6Lporu8v0tEK5xPNg60XiaeQqaKnfrpAQ8iUBa4aYFlvqYsoGalsO5qghtz8LTXOqJVlhuaUGUHhz4J2C6RjqoOrEfvUThvZYty8s3awbpi0tLoRp2TMa5Tb4yNYHprk0wegg==
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 22 Nov 2020 19:14:04 -0000
Date: 22 Nov 2020 14:14:04 -0500
Message-ID: <64f18b-ae8-8c15-3d33-ff2d864c35bc@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Michael Thomas" <mike@mtcc.com>, "Kurt Andersen (b)" <kboth@drkurt.com>
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
In-Reply-To: <453c4db4-fc62-dc76-5b15-707623d66f9f@mtcc.com>
References: <dcc265f9-a143-5093-eba0-94ee059c7cc7@mtcc.com> <20201122021417.B5E6E27B3E59@ary.qy> <CABuGu1pX=5ZC4RLsv19qrosRN9nCrPdeSk5Xg4O7ViEZit6dnA@mail.gmail.com> <453c4db4-fc62-dc76-5b15-707623d66f9f@mtcc.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/rTmHcdtFxpfuO-nu1q3-wKzj8fA>
Subject: Re: [dmarc-ietf] ARC questions
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Nov 2020 19:14:08 -0000

> Is there a reason that there is a separate ARC-signature rather than just 
> using the DKIM signature that is normally created for the new message? Since 
> ARC is new, you'd not want the intermediary to stop DKIM signing the message 
> so you end up with essentially two signatures doing essentially the same 
> thing?

The ARC signature has a sequence number so you can track the chain of 
custody.  You are right that it is similar to the DKIM signature but the 
extra ovehead doesn't seem excessive.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly