diff --git a/src/App/DKIM.purs b/src/App/DKIM.purs
index c0a8f62..ef80f2b 100644
--- a/src/App/DKIM.purs
+++ b/src/App/DKIM.purs
@@ -37,8 +37,8 @@ emptyDKIMRR = { v: Nothing, k: Just RSA, h: Just SHA256, p: "", n: Nothing }
 -- of "foo.bar", the DNS query will be for
 -- "foo.bar._domainkey.example.com".
 
-data HashingAlgorithm = SHA1 | SHA256
-hash_algos = ["sha1", "sha256"] :: Array String
+data HashingAlgorithm = {- SHA1 | -} SHA256
+hash_algos = [ {- "sha1", -} SHA256] :: Array HashingAlgorithm
 
 -- | Codec for just encoding a single value of type `HashingAlgorithm`.
 codecHashingAlgorithm :: CA.JsonCodec HashingAlgorithm
@@ -46,17 +46,17 @@ codecHashingAlgorithm = CA.prismaticCodec "HashingAlgorithm" str_to_hashing_algo
 
 str_to_hashing_algorithm :: String -> Maybe HashingAlgorithm
 str_to_hashing_algorithm = case _ of
-  "sha1"      -> Just SHA1
+  -- "sha1"      -> Just SHA1
   "sha256"    -> Just SHA256
   _ -> Nothing
 
 show_hashing_algorithm :: HashingAlgorithm -> String
 show_hashing_algorithm = case _ of
-  SHA1   -> "sha1"
+  -- SHA1   -> "sha1"
   SHA256 -> "sha256"
 
 data SignatureAlgorithm = RSA
-sign_algos = ["rsa"] :: Array String
+sign_algos = [RSA] :: Array SignatureAlgorithm
 
 -- | Codec for just encoding a single value of type `SignatureAlgorithm`.
 codecSignatureAlgorithm :: CA.JsonCodec SignatureAlgorithm
diff --git a/src/App/Text/Explanations.purs b/src/App/Text/Explanations.purs
index f83ae3f..6b867d3 100644
--- a/src/App/Text/Explanations.purs
+++ b/src/App/Text/Explanations.purs
@@ -8,7 +8,21 @@ dkim_introduction =
     DKIM is a way to share a public signature key for the domain.
     This allows emails to be signed by the sender, and for the receiver to prove the origin of the mail.
     """
-  , Bulma.p """
+  , HH.p []
+    [ HH.text """
+        Default name is fine, change it only if you know what you are doing.
+        For the configuration of your mail server, remember that your
+      """
+    , HH.u_ [HH.text "selector"]
+    , HH.text " is "
+    , Bulma.strong "default"
+    , HH.text "."
+    ]
+  ]
+
+dkim_default_algorithms :: forall w i. Array (HH.HTML w i)
+dkim_default_algorithms =
+  [ Bulma.p """
     Default values should be fine (RSA + SHA256), change them only if you know what you are doing.
     Just enter your public key.
   """
diff --git a/src/App/ZoneInterface.purs b/src/App/ZoneInterface.purs
index 1974bd5..6ee83e3 100644
--- a/src/App/ZoneInterface.purs
+++ b/src/App/ZoneInterface.purs
@@ -465,13 +465,14 @@ render state
               (show state._currentRR.ttl)
               should_be_disabled
           , Bulma.hr
+          , Bulma.div_content [Bulma.explanation Explanations.dkim_default_algorithms]
           , Bulma.selection_field "idDKIMSignature" "Signature algo"
               DKIM_sign_algo
-              DKIM.sign_algos
+              (map DKIM.show_signature_algorithm DKIM.sign_algos)
               (DKIM.show_signature_algorithm $ fromMaybe DKIM.RSA state.dkim.k)
           , Bulma.selection_field "idDKIMHash"      "Hash algo"
               DKIM_hash_algo
-              DKIM.hash_algos
+              (map DKIM.show_hashing_algorithm DKIM.hash_algos)
               (DKIM.show_hashing_algorithm   $ fromMaybe DKIM.SHA256 state.dkim.h)
           , Bulma.box_input "pkDKIM" "Public Key" "Your public key, such as 'MIIBIjANBgqh...'"
               DKIM_pubkey state.dkim.p should_be_disabled
@@ -560,6 +561,11 @@ handleAction = case _ of
     -- In case the `name` part of the resource record is empty, consider the name to be the domain itself.
     H.modify_ \s -> s { _currentRR = replace_name s._domain s._currentRR }
 
+    -- TODO: should the code design change? Would the code be simplified by working only on _currentRR.dkim?
+    _ <- case t of
+           DKIM -> H.modify_ \state -> state { _currentRR { dkim = Just state.dkim } }
+           _ -> pure unit
+
     state <- H.get
     case Validation.validation state._currentRR of
       Left actual_errors -> do
@@ -567,7 +573,7 @@ handleAction = case _ of
         -- loopE (\v -> H.raise $ Log $ ErrorLog $ "==> " <> show_error v) actual_errors
         H.modify_ _ { _currentRR_errors = actual_errors }
       Right newrr -> do
-        H.modify_ _ { _currentRR_errors = [] }
+        H.modify_ _ { _currentRR_errors = [], dkim = DKIM.emptyDKIMRR }
         handleAction $ AddRR t newrr
         handleAction CancelModal
 
@@ -669,14 +675,12 @@ handleAction = case _ of
           v  -> Just v
     H.modify_ _ { _currentRR { modifiers = new_value }}
 
-  DKIM_hash_algo v -> H.modify_ _ { dkim { h = mod_dkim_h v } }
-  DKIM_sign_algo v -> H.modify_ _ { dkim { k = mod_dkim_k v } }
-  DKIM_pubkey    v -> H.modify_ _ { dkim { p =            v } }
-  DKIM_note      v -> H.modify_ _ { dkim { n = Just       v } }
+  DKIM_hash_algo v -> H.modify_ _ { dkim { h = DKIM.hash_algos A.!! v } }
+  DKIM_sign_algo v -> H.modify_ _ { dkim { k = DKIM.sign_algos A.!! v } }
+  DKIM_pubkey    v -> H.modify_ _ { dkim { p =                      v } }
+  DKIM_note      v -> H.modify_ _ { dkim { n = Just                 v } }
 
   where
-  mod_dkim_h v = DKIM.str_to_hashing_algorithm   $ fromMaybe "sha256" $ DKIM.hash_algos A.!! v
-  mod_dkim_k v = DKIM.str_to_signature_algorithm $ fromMaybe "rsa"    $ DKIM.sign_algos A.!! v
   -- In case the `name` part of the resource record is empty replace it with the domain name.
   replace_name domain rr = case rr.name of
                          "" -> rr { name = domain <> "." }