The 'v=' tag in an ARC-Seal header is a simple but critical component of the Authenticated Received Chain (ARC) protocol. In short, 'v' stands for 'version'.
ARC is an email authentication standard designed to preserve the results of SPF, DKIM, and DMARC checks as an email passes through various intermediaries, like mailing lists or forwarding services. These services often break the original authentication, and ARC provides a way for the final receiving server to validate the email's journey. It does this by adding a series of headers to the email at each step.
The purpose of the v= tag
The ARC-Seal header is the final piece of the puzzle. It takes a cryptographic snapshot of the previous ARC headers in the chain and 'seals' them, ensuring they haven't been tampered with. The v= tag is used within this header to declare which version of the ARC specification is being used.
For the current version of the protocol, the value is always v=1. This tag ensures that all systems processing the ARC chain can correctly interpret the syntax and semantics of the headers. If the ARC standard is updated in the future, a new version number (like v=2) would be used, allowing for backward compatibility and preventing misinterpretation by older systems.
Other tags in an ARC-Seal header
The v=1 tag works alongside several other tags in the ARC-Seal header to provide a complete and verifiable seal. These include:
- a=: The signing algorithm used (e.g., rsa-sha256).
- b=: The digital signature of the ARC-Message-Signature header fields.
- cv=: The chain validation status (e.g., 'none' or 'pass').
- d=: The domain that applied the seal.
- s=: The selector for the DNS record containing the public key.
- t=: The timestamp of when the seal was applied.
In summary, while the v= tag may seem minor, it plays a vital role in maintaining the integrity and future viability of the ARC protocol, ensuring that all participants in the email ecosystem are speaking the same language.
