NAME

       Mail::DKIM::ARC::Seal - represents a ARC-Seal header

VERSION

       version 1.20220520

CONSTRUCTORS

   new() - create a new signature from parameters
         my $signature = Mail::DKIM::ARC::Seal->new(
                             [ Algorithm => 'rsa-sha256', ]
                             [ Signature => $base64, ]
                             [ Domain => 'example.org', ]
                             [ Instance => 1, ]
                             [ Chain => 'none', ] # none|fail|pass
                             [ Query => 'dns', ]
                             [ Selector => 'alpha', ]
                             [ Timestamp => time(), ]
                             [ Expiration => time() + 86400, ]
                         );

       The ARC-Seal is similar to a DKIM signature but with the following changes:

       https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06

       5.1.1.1.  Tags in the ARC-Seal Header Field Value

          The following tags are the only supported tags for an ARC-Seal field.
          All of them MUST be present.  Unknown tags MUST be ignored and do not
          affect the validity of the header.

          o  a = hash algorithm; syntax is the same as the "a=" tag defined in
             Section 3.5 of [RFC6376];

          o  b = digital signature; syntax is the same as the "b=" tag defined
             in Section 3.5 of [RFC6376];

          o  cv = chain validation status: valid values:

             *  'none' = no pre-existing chain;

             *  'fail' = the chain as received does not or can not validate; or

             *  'pass' = valid chain received.

          o  d = domain for key; syntax is the same as the "d=" tag defined in
             Section 3.5 of [RFC6376];

          o  i = "instance" or sequence number; monotonically increasing at
             each "sealing" entity, beginning with '1', see Section 5.1.1.1.1
             regarding the valid range

          o  s = selector for key; syntax is the same as the "s=" tag defined
             in Section 3.5 of [RFC6376];

          o  t = timestamp; syntax is the same as the "t=" tag defined in
             Section 3.5 of [RFC6376].

   chain() - get or set the chain parameter (cv=) field
       This must be one of "pass", "fail" or "none".  For a chain to be valid, the very first
       (i=1) seal MUST be cv=none, and all further seals MUST be cv=pass.

   instance() - get or set the signing instance (i=) field
         my $i = $signature->instance;

       Instances must be integers less than 1024 according to the spec.

SEE ALSO

       Mail::DKIM::Signature for DKIM-Signature headers

       Mail::DKIM::ARC::MessageSignature for ARC-Message-Signature headers

AUTHORS

       •   Jason Long <jason@long.name>

       •   Marc Bradshaw <marc@marcbradshaw.net>

       •   Bron Gondwana <brong@fastmailteam.com> (ARC)

THANKS

       Work on ensuring that this module passes the ARC test suite was generously sponsored by
       Valimail (https://www.valimail.com/)

COPYRIGHT AND LICENSE

       •   Copyright (C) 2013 by Messiah College

       •   Copyright (C) 2010 by Jason Long

       •   Copyright (C) 2017 by Standcore LLC

       •   Copyright (C) 2020 by FastMail Pty Ltd

       This library is free software; you can redistribute it and/or modify it under the same
       terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of
       Perl 5 you may have available.