Let's get back to the explicit question around rechartering this working group or not, please.
So far, as Chair, I am *only* hearing support for rechartering to culminate the ARC experiment (where these detail conversations can take place if that's even the right thing to do yet or not), and no support for winding down the working group and taking up Trent's document via other venues. If you do NOT support recharting, speak up now, please. Seth On Wed, Feb 4, 2026 at 6:48 AM Alessandro Vesely <[email protected]> wrote: > On Tue 03/Feb/2026 20:54:03 +0100 John R. Levine wrote: > > On Tue, 3 Feb 2026, Jeroen Massar wrote: > > > >> As a side-note in the above codebase, when a message is received with a > >> DKIM header, we replace the original "From: [email protected]" with > "From: > >> jeroen=massar.ch@via.<domain>", then DKIM sign it ...> > > Yes, IETF lists including this one do a similar hack based on one I did > for my > > sympa lists a quite a while ago. One of the goals of DKIM2 is to let > mailing > > lists stop using that ugly hack and just describe the changes they > wanted to > > make so recipients can look back and see the original DMARC alignment, > i.e., > > what we hoped ARC would do but in fact it doesn't. > > > The (subtle) difference lies in the kind of trust the receiver must place > in > the signer. The intended use of ARC required blind trust, whereas DKIM2 > can > reconstruct the original message and verify the author's domain signature, > so > it only needs to trust that the changes made by the forwarder are > semantically > correct. > > Global trust is slippery, because spammers can take legitimate posts, > wholly > replace their content, while duly compiling the difference and signing. > How do > we know that DKIM2 won't fail for the same reasons ARC failed? > > In the meantime, what's wrong if those who have already developed ARC > learn to > use it in a different way, namely just to export authentication results? > > > Best > Ale > -- > > > >
_______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
