Hi Seth,
I'd be happy to recharter the WG, and I'm happy you keep your role as Chair.
What I'm questioning is the meaning of /culminate/. IMHO, the new charter
should describe better the mailing list problem and the possible approaches to
solving it. ARC-sealing wouldn't be needed for forwarders who do proper DMARC
filtering, but mailing lists don't seem willing to change. How do we get out
of this impasse?
If /culminate/ means approving Trent's I-D as is, I don't support rechartering.
Best
Ale
On Wed 04/Feb/2026 14:19:48 +0100 Seth Blank wrote:
Let's get back to the explicit question around rechartering this working
group or not, please.
So far, as Chair, I am *only* hearing support for rechartering to culminate
the ARC experiment (where these detail conversations can take place if
that's even the right thing to do yet or not), and no support for winding
down the working group and taking up Trent's document via other venues.
If you do NOT support recharting, speak up now, please.
Seth
On Wed, Feb 4, 2026 at 6:48 AM Alessandro Vesely <[email protected]> wrote:
On Tue 03/Feb/2026 20:54:03 +0100 John R. Levine wrote:
On Tue, 3 Feb 2026, Jeroen Massar wrote:
As a side-note in the above codebase, when a message is received with a
DKIM header, we replace the original "From: [email protected]" with "From:
jeroen=massar.ch@via.<domain>", then DKIM sign it ...>
Yes, IETF lists including this one do a similar hack based on one I did for my
sympa lists a quite a while ago. One of the goals of DKIM2 is to let mailing
lists stop using that ugly hack and just describe the changes they wanted to
make so recipients can look back and see the original DMARC alignment, i.e.,
what we hoped ARC would do but in fact it doesn't.
The (subtle) difference lies in the kind of trust the receiver must place in
the signer. The intended use of ARC required blind trust, whereas DKIM2 can
reconstruct the original message and verify the author's domain signature, so
it only needs to trust that the changes made by the forwarder are semantically
correct.
Global trust is slippery, because spammers can take legitimate posts, wholly
replace their content, while duly compiling the difference and signing. How do
we know that DKIM2 won't fail for the same reasons ARC failed?
In the meantime, what's wrong if those who have already developed ARC learn to
use it in a different way, namely just to export authentication results?
Best
Ale
--
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
