On 05/11/2016 11:29 PM, Kurt Andersen (b) via arc-discuss wrote:
The concept of an AS[0] set of headers was debated and deemed, as
suggested by Murray,
Oh! I've missed this. Did it happen on arc-discuss, or elsewhere? (I've
not seen it on the list, and a quick scan of Murray's posts in the
archive turned up nothing.)
to just be a repetition of the DKIM signature assertion. As such, it
doesn't really add any utility.
I disagree. This is comparable to claiming that Arc-Seals generally are
just repetitions of assertions that could be made with DKIM. In a
limited sense this is true, but having a well-specified set of rules for
chaining these assertions appears to be valuable, which is much of the
rationale for introducing ARC in the first place. The same reasoning
applies to an assertion by an independent originator.
There have been suggestions on the arc-discuss list that, perhaps,
AS[0] could be used as an assertion "on behalf of" some other domain
that the message submitter was known to the sending ADMD
Right, this is the independent origination case (e.g. Gmail "send as my
work address", ESPs, ...), that is currently glaringly unaddressed.
(as mentioned below under "authenticated identity"). The biggest
problem with that, is whether anyone should trust such purported
authentication claims.
Sure, but that's _*exactly*_ the same problem as trusting ARC
forwarders' claims in the first place. The question that a receiver is
asking, of every step in the chain (and after verifying the mechanical
aspects of signature verification) is whether they trust the party whose
key was used to make the signature to make the assertion that's being made.
Failure to support independent origination explicitly (I've suggested
cv=I to the same end previously) invites ad hoc arrangements, or simply
outright false AS[1] assertions. (In the context of establishing
consensus around a spec, there is a particularly idiotic response to the
latter action, which is to declare wrong-doing and assume that all such
messages can be discarded, which ignores a significant fraction of the
real-world problem that ARC is being developed to address.)
Doesn't the i=1 ARC set also prove the originator was involved?
Yes, AS[1] testifies to the Authenticated-Results of receiving the
message from the originator.
That's actually a "no". AS[1] permits a receiver (or other assessor) to
determine with some confidence that the putative signer made such an
assertion about the putative originator, it provides no information
about the involvement of the putative originator except to the extent
that the assessor additionally trusts the assertions of the putative
signer. Decisions to trust are necessarily outside the specification.
This argument applies equivalently to AS[0] independent origination
scenarios and to AS[>0] forwarding scenarios.
- Roland
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
