On 8/11/2018 2:20 PM, Murray S. Kucherawy wrote:
Sign one" (I think you mean "seal one") remains ambiguous to me, because as Seth said, once I see "cv=fail", I don't care about anything else. Now I have a seal nobody cares about, which means the sealer shouldn't be bothered with generating it, irrespective of what gets fed to the hash.


There has been a persistent desire to find a way to continue to process an ARC sequence that is broken, as if that will somehow make it unbroken or, at least, /less/ broken.

It won't.

As soon as a broken ARC chain is detected, ARC is -- or at least should be -- finished. ARC-aware not should stop processing ARC for that message. Completely stop.

If there is a clear and compelling counter-argument of clear benefit that can be achieved, will be achieved, and is desired by receivers, what is it?


Dave Crocker
Brandenburg InternetWorking

dmarc mailing list

Reply via email to