On 11/22/20 11:18 AM, Douglas E. Foster wrote:
ARC has a very limited set of items included in the signature. Body
hash is purposefully excluded. So it is the same signature algorithm
but with different parameters and a different purpose. Therefore it
has a different header label .
Now wait, Kurt just said that the body hash is included. Somebody has to
be wrong here.
Mike
Sent from my Verizon, Samsung Galaxy smartphone
-------- Original message --------
From: John R Levine <[email protected]>
Date: 11/22/20 2:14 PM (GMT-05:00)
To: Michael Thomas <[email protected]>, "Kurt Andersen (b)"
<[email protected]>
Cc: [email protected]
Subject: Re: [dmarc-ietf] ARC questions
> Is there a reason that there is a separate ARC-signature rather than
just
> using the DKIM signature that is normally created for the new
message? Since
> ARC is new, you'd not want the intermediary to stop DKIM signing the
message
> so you end up with essentially two signatures doing essentially the
same
> thing?
The ARC signature has a sequence number so you can track the chain of
custody. You are right that it is similar to the DKIM signature but the
extra ovehead doesn't seem excessive.
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
