Currently xarf itself does not contain anything that proofs the report came from specific reporter. For example, I can send xarf claiming I am from netcraft and google.com is a malicious website. Of course email has SPF/DKIM, but having it in JSON file simplifies automated actions
My use case: if the request comes from trusted company I want to suspend link first and moderate later and send link to moderation queue for other reports
Currently xarf itself does not contain anything that proofs the report came from specific reporter. For example, I can send xarf claiming I am from netcraft and google.com is a malicious website. Of course email has SPF/DKIM, but having it in JSON file simplifies automated actions
My use case: if the request comes from trusted company I want to suspend link first and moderate later and send link to moderation queue for other reports