Currently, we don't do anything with failed chains short of keeping stats. Everything we've used the chain for so far has been from passing chains.
That said, we still only trust our own chain elements, we haven't seen wide enough adoption to spend much effort on interpreting chains which involve multiple parties. Brandon On Fri, Aug 3, 2018 at 10:54 AM John R Levine <jo...@taugh.com> wrote: > > I know I lost the argument on cv (I think cv is entirely superfluous and > > there's no point adding/signing a cv=fail header), but it seems the > > argument for that is more data. That said, this "either or" signing set > > thing on cv=fail seems pretty cumbersome. > > You guys have looked at as many ARC signatures as anyone. Once the chain > has a cv=fail do you learn anything useful from further seals? > > R's, > John > > >> In 5.2, oldest pass is confusing, since it doesn't tell you whether > >> the validation succeeds or not. I would take out steps 5-7 and add > >> something to the INFORMATIONAL at the end like "A validator can check > >> the AMS headers to estimate when in a chain of forwards the message > >> was modified." >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc