On Fri, 2 Nov 2018, Kurt Andersen (b) wrote:
I mean ARC as it's implemented now, not in our multi-signing draft.
It seems like a poor implementation choice to be enforcing something which
is not part of the spec :-), especially when there are parenthetical
comments and references to things like ARC-MULTI to warn you against
leaping to foot-shooting enforcement choices.
I see it also says:
Valid ARC Sets MUST have exactly one instance of each ARC header
field (AAR, AMS, and AS) for a given instance value and signing
algorithm.
I'm reasonably sure that doesn't match a lot of running code. I'm
particularly thinking of gmail here.
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
