On Jun 30, 2017 2:37 PM, Brandon Long <[email protected]> wrote: Looking through the changes, I see that in 5.2.2 we previously and still say that the AAR field should be unknown. Unknown is a valid value for result names for dkim-adsp and rrvs, but I'm curious why we would use that and not just fail? fail seems to match better, especially now that we don't differentiate between invalid and fail in the cv value.
Fair point. I'll look at rephrasing that. We also discussed signing/verifying a cv=fail differently, which isn't in the draft yet (I don't think, I was looking at the diff not the whole document). We discussed that the signing/verifying of a cv=fail would only do so based on the single (presumably last) hop that contained the cv=fail. So, the AMS would be added/verified like normal, but the AS would only sign the as/ams/aar of that hop. That is already the specified handling in the case of fail. --Kurt
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
