docs: add IPIP-351 to 0.19 changelog

docs/changelogs/v0.19.md

@@ -7,7 +7,10 @@
 - [Overview](#overview)
 - [🔦 Highlights](#-highlights)
   - [Improving the libp2p resource management integration](#improving-the-libp2p-resource-management-integration)
-  - [Pubsub message caching improvements](#pubsub-message-caching-improvements)
+  - [PubSub message caching improvements](#pubsub-message-caching-improvements)
+  - [Gateways](#gateways)
+    - [Signed IPNS Record response format](#signed-ipns-record-response-format)
+    - [Example fetch and inspect IPNS record](#example-fetch-and-inspect-ipns-record)
 - [📝 Changelog](#-changelog)
 - [👨‍👩‍👧‍👦 Contributors](#-contributors)
 
@@ -27,6 +30,46 @@ and [0.18.1](https://github.com/ipfs/kubo/blob/master/docs/changelogs/v0.18.md#i
 
 The PubSub message cache will now [prune messages after TTL is exhausted](https://github.com/ipfs/kubo/blob/master/docs/config.md#pubsubseenmessagesttl), [either based on the last time a message was seen or the first time it was seen](https://github.com/ipfs/kubo/blob/master/docs/config.md#pubsubseenmessagesstrategy).
 
+#### Gateways
+
+##### Signed IPNS Record response format
+
+This release implements [IPIP-351](https://github.com/ipfs/specs/pull/351) and
+adds Gateway support for returning signed (verifiable) `ipns-record` (0x0300)
+when `/ipns/{libp2p-key}` is requested with either
+`Accept: application/vnd.ipfs.ipns-record` HTTP header
+or `?format=ipns-record` URL query parameter.
+
+
+The Gateway in Kubo already supported [trustless, verifiable retrieval](https://docs.ipfs.tech/reference/http/gateway/#trustless-verifiable-retrieval) of immutable `/ipfs/` namespace.
+With `?format=ipns-record`, light HTTP clients are now able to get the same level of verifiability for IPNS websites.
+
+Tooling is limited at the moment, but we are working on [go-libipfs](https://github.com/ipfs/go-libipfs/) examples that illustrate the verifiable HTTP client pattern.
+
+##### Example: fetch IPNS record over HTTP and inspect it with `ipfs name inspect --verify`
+
+```console
+$ FILE_CID=$(echo "Hello IPFS" | ipfs add --cid-version 1 -q)
+$ IPNS_KEY=$(ipfs key gen test)
+$ ipfs name publish /ipfs/$FILE_CID --key=test --ttl=30m
+Published to k51q..dvf1: /ipfs/bafk..z244
+$ curl "http://127.0.0.1:8080/ipns/$IPNS_KEY?format=ipns-record" > signed.ipns-record
+$ ipfs name inspect --verify $IPNS_KEY < signed.ipns-record
+Value:         "/ipfs/bafk..."
+Validity Type: "EOL"
+Validity:      2023-03-09T23:13:34.032977468Z
+Sequence:      0
+TTL:           1800000000000
+PublicKey:     ""
+Signature V1:  "m..."
+Signature V2:  "m..."
+Data:          {...}
+
+Validation results:
+ Valid:     true
+ PublicKey: 12D3...
+```
+
 ### 📝 Changelog
 
 ### 👨‍👩‍👧‍👦 Contributors