On Mon, Aug 7, 2017 at 9:10 PM, Bron Gondwana <br...@fastmailteam.com>
> . . . If you aren't willing to agree that the most recent liar can
> repurpose an existing chain, I'm happy to avoid making the forgery,
> otherwise I'll make up a forgery and send it to the list.
> But since you either trust every hop to do good checks, or you don't trust
> the entire message - then the ARC-Seal is literally adding nothing. It
> adds no meaning, just extra work. Hence my snakeoil claim.
Is your concern that the last hop (or any other) can essentially do a
wholesale replacement of the message contents and that there is no way to
distinguish that from a semantically meaningless footer tweak?
I'm not sure that I understand your assertion that you can forge an AS any
more than you could forge a DKIM signature.
dmarc mailing list