ARC has a very limited set of items included in the signature. Body hash is purposefully excluded. So it is the same signature algorithm but with different parameters and a different purpose. Therefore it has a different header label .Sent from my Verizon, Samsung Galaxy smartphone<div> </div><div> </div><!-- originalMessage --><div>-------- Original message --------</div><div>From: John R Levine <[email protected]> </div><div>Date: 11/22/20 2:14 PM (GMT-05:00) </div><div>To: Michael Thomas <[email protected]>, "Kurt Andersen (b)" <[email protected]> </div><div>Cc: [email protected] </div><div>Subject: Re: [dmarc-ietf] ARC questions </div><div> </div>> Is there a reason that there is a separate ARC-signature rather than just > using the DKIM signature that is normally created for the new message? Since > ARC is new, you'd not want the intermediary to stop DKIM signing the message > so you end up with essentially two signatures doing essentially the same > thing?
The ARC signature has a sequence number so you can track the chain of custody. You are right that it is similar to the DKIM signature but the extra ovehead doesn't seem excessive. Regards, John Levine, [email protected], Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
