On Thu 27/Feb/2025 13:38:00 +0100 Steven M Jones wrote:
> On 2/25/25 3:19 AM, Alessandro Vesely wrote:
>> Many people, including myself, were skeptical about ARC because of the
>> requirement that it be trusted unconditionally.
> No, ARC leaves the question of which sealers to trust - and what to do based on
> the information it conveyed - up to the receiver. It deferred the question of
> how to make that decision, because it wasn't going to be feasible to include a
> one-size-fits-all solution as part of a protocol specification. Some receivers
> have the scale and resources to track reputation in-house, while others lack
> one or both and might rely on some external source like a datafeed (e.g.
> Spamhaus, SURBL, etc.) or a manual allowlist (see the neglected GitHub community
> sealer list), or a fixed list reflecting established relationships.
> If I'm mistaken and ARC has text that says "trust seals and what they tell you
> unconditionally," please share a reference so that I can learn the error of my
> ways.
You are right, the actual ARC protocol, RFC 8617, does not enforce trust, of
course. However, one proposed approach was to unconditionally trust ARC sealers
to override DMARC. And that was the only practical way. The only other
alternative at the time, reputation monitoring, is a rather vague matter, whose
semantics clash badly with the deterministic nature of cryptographic verification.
Best
Ale
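The point both posters circle around is that RFC 8617 verifies the ARC chain but leaves "which sealers do I trust, and may a trusted chain override a local DMARC failure?" to receiver policy. The following is an added example written for this page, not code from either poster or from any MTA: it models that policy layer with a hypothetical sealer allowlist (`TRUSTED_SEALERS`) and constructed sample headers, and assumes the ARC-Seal and ARC-Message-Signature cryptography has already been verified upstream, so the `cv=` values are taken as already-checked chain status rather than recomputed here.

```python
from dataclasses import dataclass, field

# Hypothetical local policy (an assumption, not part of RFC 8617): the sealers
# this receiver has chosen to trust, e.g. from a manually curated allowlist.
TRUSTED_SEALERS = {"lists.example.org", "forwarder.example.net"}

# Constructed sample headers for a message relayed through a mailing list
# (i=1) and then a forwarder (i=2). Signature values are placeholders; this
# example only models the receiver's trust decision after the seals verified.
CONSTRUCTED_HEADERS = [
    ("ARC-Seal", "i=2; a=rsa-sha256; cv=pass; d=forwarder.example.net; s=arc; t=1700000100; b=PLACEHOLDER"),
    ("ARC-Authentication-Results", "i=2; mx.forwarder.example.net; arc=pass; "
     "spf=fail smtp.mailfrom=sender.example; dmarc=fail header.from=sender.example"),
    ("ARC-Seal", "i=1; a=rsa-sha256; cv=none; d=lists.example.org; s=arc; t=1700000000; b=PLACEHOLDER"),
    ("ARC-Authentication-Results", "i=1; mx.lists.example.org; spf=pass smtp.mailfrom=sender.example; "
     "dkim=pass header.d=sender.example; dmarc=pass header.from=sender.example"),
]


@dataclass
class ArcSet:
    """One ARC instance: the sealer (d=), its chain status (cv=) and its AAR."""
    instance: int
    sealer: str = ""
    cv: str = ""
    results: dict = field(default_factory=dict)  # method -> result keyword


def parse_seal(value):
    """Parse the tag=value list of an ARC-Seal header into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = val.strip()
    return tags


def parse_aar(value):
    """Parse ARC-Authentication-Results: 'i=N; authserv-id; method=result ...'."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    instance = int(parts[0].split("=", 1)[1])
    results = {}
    for stanza in parts[2:]:  # parts[1] is the authserv-id, not a method
        method, rest = stanza.split("=", 1)
        results[method.strip()] = rest.split()[0]  # keyword precedes ptype.property
    return instance, results


def build_chain(headers):
    """Group ARC-Seal and ARC-Authentication-Results headers by instance."""
    sets = {}
    for name, value in headers:
        lname = name.lower()
        if lname == "arc-seal":
            tags = parse_seal(value)
            arc_set = sets.setdefault(int(tags["i"]), ArcSet(int(tags["i"])))
            arc_set.sealer = tags.get("d", "").lower()
            arc_set.cv = tags.get("cv", "").lower()
        elif lname == "arc-authentication-results":
            instance, results = parse_aar(value)
            sets.setdefault(instance, ArcSet(instance)).results = results
    return [sets[i] for i in sorted(sets)]


def arc_override_decision(headers, trusted_sealers, local_dmarc_result):
    """Decide whether a trusted ARC chain may override a local DMARC failure.

    Returns (override, reason). Only the chain-shape checks come from the
    protocol; the allowlist check is the receiver's own policy.
    """
    if local_dmarc_result == "pass":
        return False, "local DMARC evaluation already passes; no override needed"
    chain = build_chain(headers)
    if not chain:
        return False, "no ARC chain present"
    if [s.instance for s in chain] != list(range(1, len(chain) + 1)):
        return False, "ARC instance numbers are not contiguous from 1"
    # RFC 8617: cv=none on i=1, cv=pass on every later instance of a valid chain
    if chain[0].cv != "none" or any(s.cv != "pass" for s in chain[1:]):
        return False, "chain validation status is not none/pass..pass"
    # Strict local policy: every hop that touched the message must be trusted
    untrusted = sorted(s.sealer for s in chain if s.sealer not in trusted_sealers)
    if untrusted:
        return False, "untrusted sealer(s) in chain: " + ", ".join(untrusted)
    # The i=1 AAR records what the first ARC hop saw before it modified the
    # message; that is the authentication result being borrowed.
    if chain[0].results.get("dmarc") == "pass":
        return True, "trusted chain records dmarc=pass at i=1 (%s)" % chain[0].sealer
    return False, "trusted chain, but original results did not pass DMARC"


if __name__ == "__main__":
    for allowlist in (TRUSTED_SEALERS, {"lists.example.org"}):
        print(sorted(allowlist), arc_override_decision(CONSTRUCTED_HEADERS, allowlist, "fail"))
```

With both sealers on the allowlist the local DMARC failure is overridden because the i=1 results show dmarc=pass; drop the forwarder from the allowlist and the same chain is rejected, which is exactly the "who do I trust" decision the protocol leaves open. A reputation-driven receiver would replace the set membership test with a score lookup, which is where the non-deterministic semantics Ale objects to enter.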
dmarc mailing list -- [email protected]