ietf-svn-bot
commented
6 years ago @kboth+ietf@drkurt.com changed status from new to closed
Closed ietf-svn-bot closed 6 years ago
ietf-svn-bot
commented
6 years ago @kboth+ietf@drkurt.com changed status from new to closed
ietf-svn-bot
commented
6 years ago @kboth+ietf@drkurt.com set resolution to fixed
ietf-svn-bot
commented
6 years ago @kboth+ietf@drkurt.com commented
clarified and fixed in -16 and later
keyword_arc-protocol_wordsmithingowner:draft-ietf-dmarc-arc-protocol@ietf.orgresolution_fixedtype_enhancement| by kboth+ietf@drkurt.comCopied from -11:
Seth: replace with “ARC MUST be the last signer of the message; otherwise it cannot be validated on receipt.” in the signer actions section.
Kurt: Concern that this still does not address the risk of DKIM-Signatures covering ARC chains. This does not seem like it fits in this section but it needs to go somewhere. ]]
Statement in contention: DKIM-Signatures SHOULD never sign any ARC header fields.
Kurt: Response to Dave’s concern (in mailing list): If DKIM covers ARC and ARC covers DKIM, which comes first? The chicken or the egg? I’m open to alternate ways to phrase this without opening the “modifying the DKIM spec” can of worms.
Issue migrated from trac:14 at 2022-01-24 16:14:25 +0000