++ed by:
KEEDI

1 PAUSE user
1 non-PAUSE user.

Marc Bradshaw
and 1 contributors

NAME

Mail::DKIM::ARC::Seal - represents a ARC-Seal header

CONSTRUCTORS

new() - create a new signature from parameters

  my $signature = Mail::DKIM::ARC::Seal->new(
                      [ Algorithm => 'rsa-sha256', ]
                      [ Signature => $base64, ]
                      [ Domain => 'example.org', ]
                      [ Instance => 1, ]
                      [ Chain => 'none', ] # none|fail|pass
                      [ Query => 'dns', ]
                      [ Selector => 'alpha', ]
                      [ Timestamp => time(), ]
                      [ Expiration => time() + 86400, ]
                  );

The ARC-Seal is similar to a DKIM signature but with the following changes:

https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06

5.1.1.1. Tags in the ARC-Seal Header Field Value

   The following tags are the only supported tags for an ARC-Seal field.
   All of them MUST be present.  Unknown tags MUST be ignored and do not
   affect the validity of the header.

   o  a = hash algorithm; syntax is the same as the "a=" tag defined in
      Section 3.5 of [RFC6376];

   o  b = digital signature; syntax is the same as the "b=" tag defined
      in Section 3.5 of [RFC6376];

   o  cv = chain validation status: valid values:

      *  'none' = no pre-existing chain;

      *  'fail' = the chain as received does not or can not validate; or

      *  'pass' = valid chain received.

   o  d = domain for key; syntax is the same as the "d=" tag defined in
      Section 3.5 of [RFC6376];

   o  i = "instance" or sequence number; monotonically increasing at
      each "sealing" entity, beginning with '1', see Section 5.1.1.1.1
      regarding the valid range

   o  s = selector for key; syntax is the same as the "s=" tag defined
      in Section 3.5 of [RFC6376];

   o  t = timestamp; syntax is the same as the "t=" tag defined in
      Section 3.5 of [RFC6376].

chain() - get or set the chain parameter (cv=) field

This must be one of "pass", "fail" or "none". For a chain to be valid, the very first (i=1) seal MUST be cv=none, and all further seals MUST be cv=pass.

instance() - get or set the signing instance (i=) field

  my $i = $signature->instance;

Instances must be integers less than 1024 according to the spec.

SEE ALSO

Mail::DKIM::Signature for DKIM-Signature headers

Mail::DKIM::ARC::MessageSignature for ARC-Message-Signature headers

AUTHOR

Bron Gondwana, <brong@fastmailteam.com>

COPYRIGHT AND LICENSE

Copyright (C) 2017 by FastMail Pty Ltd

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.