Scroll to navigation

Mail::DKIM::ARC::Seal(3pm) User Contributed Perl Documentation Mail::DKIM::ARC::Seal(3pm)

NAME

Mail::DKIM::ARC::Seal - represents a ARC-Seal header

VERSION

version 1.20230212

CONSTRUCTORS

new() - create a new signature from parameters

  my $signature = Mail::DKIM::ARC::Seal->new(
                      [ Algorithm => 'rsa-sha256', ]
                      [ Signature => $base64, ]
                      [ Domain => 'example.org', ]
                      [ Instance => 1, ]
                      [ Chain => 'none', ] # none|fail|pass
                      [ Query => 'dns', ]
                      [ Selector => 'alpha', ]
                      [ Timestamp => time(), ]
                      [ Expiration => time() + 86400, ]
                  );

The ARC-Seal is similar to a DKIM signature but with the following changes:

https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06

5.1.1.1. Tags in the ARC-Seal Header Field Value

   The following tags are the only supported tags for an ARC-Seal field.
   All of them MUST be present.  Unknown tags MUST be ignored and do not
   affect the validity of the header.
   o  a = hash algorithm; syntax is the same as the "a=" tag defined in
      Section 3.5 of [RFC6376];
   o  b = digital signature; syntax is the same as the "b=" tag defined
      in Section 3.5 of [RFC6376];
   o  cv = chain validation status: valid values:
      *  'none' = no pre-existing chain;
      *  'fail' = the chain as received does not or can not validate; or
      *  'pass' = valid chain received.
   o  d = domain for key; syntax is the same as the "d=" tag defined in
      Section 3.5 of [RFC6376];
   o  i = "instance" or sequence number; monotonically increasing at
      each "sealing" entity, beginning with '1', see Section 5.1.1.1.1
      regarding the valid range
   o  s = selector for key; syntax is the same as the "s=" tag defined
      in Section 3.5 of [RFC6376];
   o  t = timestamp; syntax is the same as the "t=" tag defined in
      Section 3.5 of [RFC6376].

chain() - get or set the chain parameter (cv=) field

This must be one of "pass", "fail" or "none". For a chain to be valid, the very first (i=1) seal MUST be cv=none, and all further seals MUST be cv=pass.

instance() - get or set the signing instance (i=) field

  my $i = $signature->instance;

Instances must be integers less than 1024 according to the spec.

SEE ALSO

Mail::DKIM::Signature for DKIM-Signature headers

Mail::DKIM::ARC::MessageSignature for ARC-Message-Signature headers

AUTHORS

  • Jason Long <jason@long.name>
  • Marc Bradshaw <marc@marcbradshaw.net>
  • Bron Gondwana <brong@fastmailteam.com> (ARC)

THANKS

Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/)

COPYRIGHT AND LICENSE

  • Copyright (C) 2013 by Messiah College
  • Copyright (C) 2010 by Jason Long
  • Copyright (C) 2017 by Standcore LLC
  • Copyright (C) 2020 by FastMail Pty Ltd

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.

2024-06-17 perl v5.36.0