From 4b73c622a4d5d0ef6d39efd77d5df1733cec81b1 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem.moulin@fripost.org>
Date: Sun, 12 Jan 2014 21:51:42 +0100
Subject: typo

---
 .../Publish_the_DKIM_public_key_to_the_DNS_zone.mdwn    | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 tracker/Publish_the_DKIM_public_key_to_the_DNS_zone.mdwn

(limited to 'tracker/Publish_the_DKIM_public_key_to_the_DNS_zone.mdwn')

diff --git a/tracker/Publish_the_DKIM_public_key_to_the_DNS_zone.mdwn b/tracker/Publish_the_DKIM_public_key_to_the_DNS_zone.mdwn
new file mode 100644
index 0000000..7c564ae
--- /dev/null
+++ b/tracker/Publish_the_DKIM_public_key_to_the_DNS_zone.mdwn
@@ -0,0 +1,17 @@
+So anyone receiving an e-mail from `fripost.org`'s outgoing SMTP server
+(possibly indirectly) can decide whether it's legit or tampered with.
+
+The DKIM public key should be added to `fripost.org`'s DNS zone as a TXT
+record, as follows:
+
+    20140112._domainkey.fripost.org. 86400 IN TXT "v=DKIM1\; k=rsa\; p=…"
+
+Having one sub-domain (here `20140112`, the date where the key was
+generated) is what Google does; that's a clever way to allow multiple
+keys, which is useful for a smooth transition to a stronger key for
+instance.
+
+See RFCs [6376](https://tools.ietf.org/html/rfc6376) and
+[7001](https://tools.ietf.org/html/rfc7001) for references. The 
+[Wikipedia page](https://en.wikipedia.org/wiki/Dkim) might be another
+good read.
-- 
cgit v1.2.3