On Wed, Jun 21, 2017 at 4:18 PM, Brandon Long <[email protected]> wrote:

>> If you put arc=fail in an AR and then the next hop ignores and strips the
>> AR (per spec), what good is it?
>
> None, but what good is the broken chain? If all you're doing is avoiding
> reprocessing, that seems pretty minimal.

A final evaluation status has merit, but it's not avoiding reprocessing, it's transmitting and signing your name to a definitive position that the chain is dead as you saw it. An ARC chain is a chain of custody, and if custody is lost, that status shouldn't be a hot potato - it should be committed to the chain. And then per the logic in the spec, no one else touches the chain after the chain is declared dead.

>> A terminal ARC-set with cv=invalid is the only way to "close" a chain and
>> avoid reprocessing by each and every subsequent hop as far as I can see.
>
> Note that we don't have a temp fail, so cv=fail could just be due to DNS
> being unavailable, so the next hop may actually be able to validate the
> chain, assuming the failing hop was a non-modifying hop.

This doesn't scan for several reasons:

1) if you stamp cv=fail, the next hop cannot validate the chain, as per spec it would see cv=fail and stop
2) even if it were within spec, if I stamp fail but modify the message, the chain is now unrecoverable
3) if cv=fail is NOT stamped, and I go about my business, then the next hop will try to recover the chain (and maybe it will recover from a tempfail), but the chain will likely still not validate because the AMS will not validate because I've most likely modified the message in a breaking manner

I think Kurt's original point stands. cv=invalid is the only way to terminate a chain with a broken arc set.

Seth
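The behaviour in point 1 of the message above (a validator that finds cv=fail on the newest ARC-Seal stops), as an added example that is not part of the original message or of any ARC implementation: a Python check of the ARC-Seal `i=` and `cv=` tags only, following the cv rules as later published in RFC 8617. The function names and the sample headers are constructed for illustration, and signature verification of the AMS and AS is assumed to happen elsewhere.

```python
def parse_tags(header_value):
    """Split an ARC-Seal value into its tag=value pairs."""
    tags = {}
    for part in header_value.split(";"):
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip()] = value.strip()
    return tags


def chain_precheck(seal_values):
    """Return (status, reason) from the ARC-Seal i= and cv= tags alone."""
    cv_by_instance = {}
    for value in seal_values:
        tags = parse_tags(value)
        if not tags.get("i", "").isdigit() or int(tags["i"]) in cv_by_instance:
            return ("fail", "bad or duplicate instance")
        cv_by_instance[int(tags["i"])] = tags.get("cv")
    if not cv_by_instance:
        return ("none", "no ARC sets")
    newest = max(cv_by_instance)
    # An earlier hop committed cv=fail: stop here, nothing is re-evaluated.
    if cv_by_instance[newest] == "fail":
        return ("fail", "chain sealed dead at i=%d" % newest)
    # Instances must run 1..N without gaps.
    if sorted(cv_by_instance) != list(range(1, newest + 1)):
        return ("fail", "instance gap")
    # The first seal carries cv=none, every later one cv=pass.
    for i, cv in cv_by_instance.items():
        if cv != ("none" if i == 1 else "pass"):
            return ("fail", "unexpected cv at i=%d" % i)
    return ("unverified", "structure ok; AMS/AS signatures still to check")


# Constructed sample ARC-Seal values (signature data is a placeholder).
INTACT = [
    "i=2; a=rsa-sha256; cv=pass; d=hop2.example; s=sel; b=CONSTRUCTED",
    "i=1; a=rsa-sha256; cv=none; d=hop1.example; s=sel; b=CONSTRUCTED",
]
SEALED_DEAD = [
    "i=2; a=rsa-sha256; cv=fail; d=hop2.example; s=sel; b=CONSTRUCTED",
    "i=1; a=rsa-sha256; cv=none; d=hop1.example; s=sel; b=CONSTRUCTED",
]

if __name__ == "__main__":
    for name, chain in (("intact", INTACT), ("sealed dead", SEALED_DEAD)):
        print(name, "->", chain_precheck(chain))
```
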
