It appears that Jim Fenton <[email protected]> said: >I’m a little unclear on the need to fully describe the “mutation” that might >be applied by an intermediary. Even if fully described, you need to >have some trust of the intermediary to accept the mutation, because otherwise >you don’t know that the mutation doesn’t contain harmful/unwanted >content (barring some magic AI thing perhaps).
I think the idea is that malicious mutations are likely to be rare, and as a first approximation you can accept them all, and block the sources of malicious ones. This is way better than ARC for small systems since doing a malicious but reversible mutation is going to be harder than just slapping on a few fake ARC headers. I agree with Murray that this is something to deal with in the WG, not in the charter. R's, John _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
