Hi all, It has been a while since I’ve commented, though I’ve continued to follow the discussion closely with an eye toward direction and implementation considerations.
First, for context, I never subscribed to ARC as originally proposed. In my view, ARC introduced significant operational and processing overhead without resolving what I consider the core DKIM problem: a cryptographically bound authorization mechanism by which the originating author domain explicitly authorizes third-party domains to sign on its behalf. That remains the essential DKIM “holy grail,” and for that reason I chose not to deploy ARC in our mail platform. From my reading of the proposed DMARC recharter, the effort appears focused on formally concluding the ARC experiment, without carrying ARC forward as a required or recommended component of DMARC. From that standpoint, I’m supportive of closing the loop on the experiment. However, I do want to flag one point of potential ambiguity. The abstract of draft-adams-arc-experiment-conclusion-01 states that operational experience from ARC is being incorporated into proposed “DKIM2” work, described as a successor to DKIM. The use of that term naturally raises questions about long-term intent and transition: whether DKIM2 is expected to replace DKIM, coexist with it, or redefine expectations for intermediary handling in a way that implicitly reintroduces ARC-like semantics. Given that this recharter proposal is specifically about concluding the ARC experiment, it may be helpful if the charter text (or accompanying explanation) more clearly distinguishes between: declaring ARC complete and obsolete as an experiment, and the separate architectural direction of DKIM2, including whether and how ARC-derived concepts are intended to persist. I recognize that now is not the time to debate the technical details of the draft itself, but clarity at the charter level about scope and intent would help avoid confusion later—particularly for operators who deliberately chose not to deploy ARC. All the best, Hector Santos > On Jan 30, 2026, at 11:29 AM, Barry Leiba <[email protected]> wrote: > > Thanks for getting this started, Trent! > > For other, I want to highlight one thing Trent said: > > By all means, read the draft to get a sense of what work is being > proposed. But this is not the time to discuss the draft -- this is > the time to look at the charter and discuss whether we're interested > in taking on the task of wrapping up and documenting the ARC > experiment and its results. If the answer to that is "yes" and we > recharter to do it, *then* we'll start discussing the details of the > draft. > > So, again, the charter proposal: > https://github.com/ietf-artarea/charters/blob/main/dmarc/charter.md > > Barry > > On Fri, Jan 30, 2026 at 11:23 AM Trent Adams > <[email protected]> wrote: >> >> >> DMARC Folks - >> >> Now that the DMARC WG has successfully achieved the recent goals (yay!)… >> perhaps there’s bandwidth to take on the small task of helping to finally >> close out some prior work that was left aside. >> >> Specifically, I’m hoping that we can officially close the Authenticated >> Received Chain (ARC) experiment. As folks remember, we called the DMARC >> intermediary breakage problem out of scope in order to publish RFC7489… >> moving the work of addressing the issue into what became the experimental >> ARC RFC (RFC8617). >> >> Now that the experiment has essentially been running since the initial draft >> in 2015, through a dozen or so revisions, resulting in the Experimental RFC >> being issued in 2019… we have over a decade of operational experience with >> it. During that time, we’ve collectively learned a lot about what has >> worked, what hasn’t, and how we can fold our collective experience into an >> effective, scalable mitigation against intermediary DMARC breakage. >> >> A handful of folks have collaborated on a draft that effectively calls for >> declaring the ARC experiment complete, with a suggestion for moving further >> development of what was learned into the DKIM WG where we’re incorporating a >> similar (and enhanced) signed chaining model. >> >> Concluding the ARC Experiment >> (draft-adams-arc-experiment-conclusion-01) >> https://datatracker.ietf.org/doc/draft-adams-arc-experiment-conclusion/ >> >> While discussing the proposal, we wondered what path would be the most >> reasonable to follow for moving the work forward… and the rough consensus >> (so far) was to first bring it to the DMARC WG as this was where the ARC >> work began. So… the question for the folks here is… would you be interested >> in a very tightly-scoped rechartering of the DMARC WG to expressly take on >> the activity (and only this activity) of considering, amending, and >> potentially approving the “Concluding the ARC Experiment” draft so that we >> can officially move forward? >> >> To help prime the pump for consideration of rechartering, we’ve drafted a >> (very) short draft of a proposed DMARC WG charter for this specific work: >> >> https://github.com/ietf-artarea/charters/blob/main/dmarc/charter.md >> >> Please give both drafts a read and see if you think that this group would be >> the right place to spin up this work, and please reply with your thoughts. >> The current DMARC WG Chairs (Barry Leiba, Seth Blank) as well as the AD >> (Andy Newton) will be gathering a sense of the room to determine consensus >> for moving forward. >> >> NOTE: We’re not asking for your opinion about the work itself at this time >> (good / bad / how to improve it)… but rather, would this group be interested >> in having those discussions here… once we know where to have the discussion… >> then the floodgates will open (and I’ll be sure to batten down the hatches). >> >> Thanks for your consideration! >> >> Cheers, >> Trent >> >> -- >> >> J. Trent Adams >> >> Director, Ecosystem Security >> >> Proofpoint >> >> >> >> [email protected] >> >> https://www.linkedin.com/in/jtrentadams >> >> >> >> _______________________________________________ >> dmarc mailing list -- [email protected] >> To unsubscribe send an email to [email protected] > > _______________________________________________ > dmarc mailing list -- [email protected] > To unsubscribe send an email to [email protected]
_______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
