The Authenticated Received Chain (ARC) Protocol
RFC 8617

Document Type RFC - Experimental (July 2019; No errata)
Last updated 2019-07-09
Replaces draft-andersen-arc
Stream IETF
Formats plain text pdf html bibtex
Reviews
Stream WG state Submitted to IESG for Publication
Document shepherd Tim Wicinski
Shepherd write-up Show (last changed 2018-12-13)
IESG IESG state RFC 8617 (Experimental)
Consensus Boilerplate Yes
Telechat date
Responsible AD Alexey Melnikov
Send notices to Barry Leiba <barryleiba@computer.org>, Tim Wicinski <tjw.ietf@gmail.com>
IANA IANA review state IANA OK - Actions Needed
IANA action state RFC-Ed-Ack
Internet Engineering Task Force (IETF)                       K. Andersen
Request for Comments: 8617                                      LinkedIn
Category: Experimental                                      B. Long, Ed.
ISSN: 2070-1721                                                   Google
                                                           S. Blank, Ed.
                                                                Valimail
                                                       M. Kucherawy, Ed.
                                                                     TDP
                                                               July 2019

            The Authenticated Received Chain (ARC) Protocol

Abstract

   The Authenticated Received Chain (ARC) protocol provides an
   authenticated "chain of custody" for a message, allowing each entity
   that handles the message to see what entities handled it before and
   what the message's authentication assessment was at each step in the
   handling.

   ARC allows Internet Mail Handlers to attach assertions of message
   authentication assessment to individual messages.  As messages
   traverse ARC-enabled Internet Mail Handlers, additional ARC
   assertions can be attached to messages to form ordered sets of ARC
   assertions that represent the authentication assessment at each step
   of the message-handling paths.

   ARC-enabled Internet Mail Handlers can process sets of ARC assertions
   to inform message disposition decisions, identify Internet Mail
   Handlers that might break existing authentication mechanisms, and
   convey original authentication assessments across trust boundaries.

Andersen, et al.              Experimental                      [Page 1]
RFC 8617                    The ARC Protocol                   July 2019

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for examination, experimental implementation, and
   evaluation.

   This document defines an Experimental Protocol for the Internet
   community.  This document is a product of the Internet Engineering
   Task Force (IETF).  It represents the consensus of the IETF
   community.  It has received public review and has been approved for
   publication by the Internet Engineering Steering Group (IESG).  Not
   all documents approved by the IESG are candidates for any level of
   Internet Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8617.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Andersen, et al.              Experimental                      [Page 2]
RFC 8617                    The ARC Protocol                   July 2019

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   4
   2.  General Concepts  . . . . . . . . . . . . . . . . . . . . . .   5
     2.1.  Evidence  . . . . . . . . . . . . . . . . . . . . . . . .   5
     2.2.  Custody . . . . . . . . . . . . . . . . . . . . . . . . .   5
     2.3.  Chain of Custody  . . . . . . . . . . . . . . . . . . . .   6
     2.4.  Validation of Chain of Custody  . . . . . . . . . . . . .   6
   3.  Terminology and Definitions . . . . . . . . . . . . . . . . .   6
     3.1.  ARC Set . . . . . . . . . . . . . . . . . . . . . . . . .   7
     3.2.  Authenticated Received Chain (ARC)  . . . . . . . . . . .   7
     3.3.  Internet Mail Handlers / Intermediaries . . . . . . . . .   7
     3.4.  Authentication Assessment . . . . . . . . . . . . . . . .   7
     3.5.  Signing vs. Sealing . . . . . . . . . . . . . . . . . . .   8
     3.6.  Sealer  . . . . . . . . . . . . . . . . . . . . . . . . .   8
     3.7.  Validator . . . . . . . . . . . . . . . . . . . . . . . .   8
     3.8.  Imported ABNF Tokens  . . . . . . . . . . . . . . . . . .   8
     3.9.  Common ABNF Tokens  . . . . . . . . . . . . . . . . . . .   8
   4.  Protocol Elements . . . . . . . . . . . . . . . . . . . . . .   9
     4.1.  ARC Header Fields . . . . . . . . . . . . . . . . . . . .   9
       4.1.1.  ARC-Authentication-Results (AAR)  . . . . . . . . . .   9
       4.1.2.  ARC-Message-Signature (AMS) . . . . . . . . . . . . .   9
       4.1.3.  ARC-Seal (AS) . . . . . . . . . . . . . . . . . . . .  11
Show full document text