Hi, Le 06/02/2026 à 15:18, Seth Blank a écrit : > > Our options as outlined are: > > 1. Take this document on now in a rechartered DMARC WG to conclude ARC. > 2. Shutter DMARC WG as intended, and take on this document via AD > sponsorship or some other more directed approach. > 3. Let this document be published with DKIM2 as part of a cluster of > documents concluding ARC are shifting to DKIM2 as explicit successor. > > So far, there has been some support for (1) and limited support for (3). > There has yet been no support for (2).
(3), AFAIC. > On Fri, Feb 6, 2026 at 8:03 AM Alessandro Vesely <[email protected] > <mailto:[email protected]>> wrote: > > On Fri 06/Feb/2026 09:27:20 +0100 Baptiste Carvello wrote: > > Then, assuming that every receiver is an authorized forwarder (which is > > an acceptable assumption in the common case), the whole forwarding trail > > can be followed and verified. > > This assumption is wrong! Forwarding requires agreement. OT, but: the assumption is _acceptable_ in practice, as long as the impersonator won't spend resources to obtain a genuine message from the victim. Which holds true for the common spam/fishing threat model. Cheers, Baptiste _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
