diff options
author | Guilhem Moulin <guilhem.moulin@fripost.org> | 2014-01-12 21:50:16 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem.moulin@fripost.org> | 2014-01-12 21:50:16 +0100 |
commit | c80fa128a6fbbf7615efbe574d586052a38f15f8 (patch) | |
tree | 6c4ec9784d5abed8d9db9634f3ebbeb037e2ae1f /tracker/Publish_the_DKIM_public_key_in_the_DNS_zone.mdwn | |
parent | 9cb54d1943ce7fde729879b551c13a75f778ee6c (diff) |
More feature requests.
Diffstat (limited to 'tracker/Publish_the_DKIM_public_key_in_the_DNS_zone.mdwn')
-rw-r--r-- | tracker/Publish_the_DKIM_public_key_in_the_DNS_zone.mdwn | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tracker/Publish_the_DKIM_public_key_in_the_DNS_zone.mdwn b/tracker/Publish_the_DKIM_public_key_in_the_DNS_zone.mdwn new file mode 100644 index 0000000..7c564ae --- /dev/null +++ b/tracker/Publish_the_DKIM_public_key_in_the_DNS_zone.mdwn @@ -0,0 +1,17 @@ +So anyone receiving an e-mail from `fripost.org`'s outgoing SMTP server +(possibly indirectly) can decide whether it's legit or tampered with. + +The DKIM public key should be added to `fripost.org`'s DNS zone as a TXT +record, as follows: + + 20140112._domainkey.fripost.org. 86400 IN TXT "v=DKIM1\; k=rsa\; p=…" + +Having one sub-domain (here `20140112`, the date where the key was +generated) is what Google does; that's a clever way to allow multiple +keys, which is useful for a smooth transition to a stronger key for +instance. + +See RFCs [6376](https://tools.ietf.org/html/rfc6376) and +[7001](https://tools.ietf.org/html/rfc7001) for references. The +[Wikipedia page](https://en.wikipedia.org/wiki/Dkim) might be another +good read. |