I discovered the hard way that it is mandatory to split the DKIM string in two parts because the entire DKIM signatures exceeds the maximum string length allowed in DNS (254 chars)
I suggest to implement this directly into the UI to guide the wanna be system admin like me
The correct way is doing it like this : (notice the double quotes)
default._domainKey IN TXT "v=DKIM1; k=rsa; p=FAKEDKIMSTRINGqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aWbHuwQ4DkyFHQyx/N+w6Ll6YujuPcXnxZPXfezfzfzefzeaAWRrilWv8R94QTxBc5eB12Nz1a/IfUBIS/U9U9Tlme4gBRqvRbaFe/YvsqxUTnG8e+nMk6aPWKuRQZmaulhSlUXH69pmKJMhkBUzGsPVDuGnfS/qi5LldCOpnz/el5H0Q7NynLDMU10MdEzd/j" "qzMHCWpPNK0KJafKh9PjEVfWDB54+gyye7JJeo+uYTEmHCeuMtW+QXOBmQ/80Twcm8JXahDK/Gufd2B7/LwArptXkBF9fxQ5rKDM9kZSw6KAf/vmLpQmlnH6dbqMqlNuD8z7GcMFRqOHYQK70bC6ewIDAQAB"
I think the RFC specs are not meaningful here, because the goal is conveying how to set up the DKIM DNS record in a generic DNS provider, something that is out of NethServer. We don’t know what are the requirements of the DNS provider user interface, we can only expect that in the end a DNS TXT record is configured.
I agree on this. We learned that there are two classes of providers:
(Richly implemented) DNS providers that accept a value of arbitrary length and transform it to a RFC compliant DNS TXT record
(Poorly implemented) DNS providers that expect the user to provide RFC compliant chunks of 255 octets at maximum
What we could do is providing the record values in both forms, to ease the cut/paste operations. The first form is provided by the current UI in a text area:
Proposal
Add a text label under it with a text area where each line corresponds to a chunk of text of 255 chars max:
Alternative RDATA syntax with quoted chunks of 255 chars at max
+-------------------------------------------------------+
|"v=DKIM1; .... nLDMU10MdEzd/j" |
|"qzMHCWpPNK0KJafK ... bC6ewIDAQAB" |
| |
+-------------------------------------------------------+
Is “quoted” a good idea? Or is it better to print the chunk without quotes?
If we go with quotes, are round brackets needed too around before the first and after the last chunk?
Or add a text area for every 255chars chunk.
Not that smooth for design but quite clear for avoiding mistakes.
On the other side, whatever is being choosen as chunk surrounding char, should be clearly stated in box description.
not exclusive but complementary, However I would like to create a key without the domain name as key selector. Unfortunately it will be good only for new keys