Hello
I have a question about the relation between Authentication-Results and
ARC Set.
I hope this is the good place to ask
In RFC8617, it is written (part2.4: Validation of Chain of Custody)
Any ARC-enabled Internet Mail Handler can validate the entire set of
custody and the authentication assessments asserted by each party to
yield a valid chain of custody. If the evidence-supplying custodians
can be trusted, then the validated chain of custody describes the
(possibly changing) authentication assessment as the message traveled
through various custodians.
Even though a message's authentication assessment might have changed,
the validated chain of custody can be used to determine if the
changes (and the custodians responsible for the changes) can be
tolerated.
On incoming layer, saying I create an Authentication-Results header and
base a first ARC Set
Then, email travels through infra and can be eventually forwarded to
outside (redirection, responder, mailinglist).
On outgoing layer, I create a second ARC Set.
This ARC Set should check Authentication-Results header to create the
AAR (ARC Authentication-Results).
Can I use the previous Authentication-Results as I can trust the flow
for incoming to outgoing, or should I create a new
Authentication-Results on this?
Thank for your answer?
Ismael
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
