Re: [dmarc-ietf] ARC-Authentication-Results

Mon, 03 Apr 2017 17:37:35 -0700 

On 04/03/2017 16:49, Murray S. Kucherawy wrote:
> The latest ARC base document says this about the
> ARC-Authentication-Results field:
>
>    ARC-Authentication-Results is a direct copy of the Authentication-
>    Results header field [RFC7601 <https://tools.ietf.org/html/rfc7601>] 
> created for archival purposes by the
>    each MTA outside of the trust boundary of the originating system
>    which is contributing to the chain of ARC header fields.  The
>    corresponding instance ("i=") tag value MUST be prefixed to the
>    Authentication-Results.
>
> Apart from the grammatical glitch ("the each"), this appears to me to
> be saying:  "Collect the contents of the A-R fields that already exist
> and re-record those results into a new A-A-R field."
>
> Should that include the results computed by the ADMD that's doing this
> work?

My POV, there is a strong 1:1 correlation between a set of ARC headers
and a given ADMD. In this world view, the A-A-R would *not* collect all
A-R values from all preceding ADMDs.

The A-A-R attached by a given ADMD is meant to include the A-R value
computed by that ADMD during receipt/validation of the message in
question. So I would suggest language more like the following for
5.1.3's first paragraph:

    "ARC-Authentication-Results is a copy of the Authentication-Results
    header field [RFC7601] created during the receipt/validation of the
    message by an ADMD from a source external to that ADMD. In other
    words, a message is received by an ADMD and has an A-R computed and
    attached to the message. When an ADMD is creating an A-A-R, it takes
    the contents of the A-R header created by the same ADMD, prefixes it
    with the appropriate instance ("i=") tag value, and records it in
    the A-A-R."


This probably needs language to handle the case where a given ADMD
creates multiple A-R headers, at minimum. But before tackling that,
let's have any objections to the general sense of the above paragraph,
or the assertions before it?

--S.

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to