On Mon, Aug 7, 2017 at 9:10 PM, Bron Gondwana <br...@fastmailteam.com> wrote:
> . . . If you aren't willing to agree that the most recent liar can > repurpose an existing chain, I'm happy to avoid making the forgery, > otherwise I'll make up a forgery and send it to the list. > > But since you either trust every hop to do good checks, or you don't trust > the entire message - then the ARC-Seal is literally adding nothing. It > adds no meaning, just extra work. Hence my snakeoil claim. > Is your concern that the last hop (or any other) can essentially do a wholesale replacement of the message contents and that there is no way to distinguish that from a semantically meaningless footer tweak? I'm not sure that I understand your assertion that you can forge an AS any more than you could forge a DKIM signature. --Kurt
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc