Ok Google: Please Publish Your DKIM Secret Keys 108
Matthew Green, a cryptographer and professor at Johns Hopkins University, writes: The Internet is a dangerous place in the best of times. Sometimes Internet engineers find ways to mitigate the worst of these threats, and sometimes they fail. Every now and then, however, a major Internet company finds a solution that actually makes the situation worse for just about everyone. Today I want to talk about one of those cases, and how a big company like Google might be able to lead the way in fixing it. This post is about the situation with Domain Keys Identified Mail (DKIM), a harmless little spam protocol that has somehow become a monster. My request is simple and can be summarized as follows: Dear Google: would you mind rotating and publishing your DKIM secret keys on a periodic basis? This would make the entire Internet quite a bit more secure, by removing a strong incentive for criminals to steal and leak emails. The fix would cost you basically nothing, and would remove a powerful tool from hands of thieves.
Re: Worst possible idea? (Score:5, Insightful)
So for example if someone hacks my email I have deniability. This disincentives hacking my email, or something.
Re: (Score:2)
Re: Worst possible idea? (Score:2)
I'm just saying what I believed the summary to be suggesting.
Re: Worst possible idea? (Score:5, Insightful)
If you want to send a non-repudiable email message, then fucking sign it yourself with PGP or something. DKIM has no special legal status, and less actual evidentiary value
And DKIM didn't have anything at all to do with people being more accepting of emailed documents, anyway, nor did it change any legal situation. FAX is completely unauthenticated and at least as easy to forge as email ever was, but people accepted it because they were used to it. When they got used to email, they started accepting email too.
What DKIM did do was to make email harder to repudiate by accident, through the back door, with a change introduced for a completely different purpose. It's completely legitimate to undo that, especially when there are better ways for a user to opt in to non-repudiation.
Re: (Score:3)
If you need legal strength in your email, you shouldn't be relying on an accidental side-effect of someone else's ephemeral authentication scheme. Generate your own keys intended for long term authentication and sign the message yourself.
Re: (Score:1)
Re: (Score:2)
OTOH, email has been deniable for quite a while. DKIM hjas as a side effect, the worst of both worlds. It produces something that is frequently accepted as non-deniable authentication while making it hard (but far from impossible) to forge a "non-deniable' email.
An advantage of the scheme suggested in TFA is that it is non-deniable long enough to prevent the problems like AC posting, but short enough to avoid most of the worms in the can it opens.
Re: (Score:3, Interesting)
The idea, from reading the actual article, is that DKIM keys were used to verify that the Hunter Biden emails on his laptop were legitimate. The writer would much rather not have this happen and embarrass Joe Biden. If you release the keys, it would no longer be possible to verify that the DKIM signature on the emails is real because they could have been forged on some day after the keys were released.
It's all about protecting one's political side.
Re: (Score:1)
The idea, from reading the actual article, is that DKIM keys were used to verify that the Hunter Biden emails on his laptop were legitimate.
You still believe this nonsense? Wow.
Re: Worst possible idea? (Score:5, Informative)
Hacking these keys took serious resources, 5 years of running hash digest attack using 1024 GPUs running 24/7, finally you got the key to plant any evidence you want on anyone, ... and this professor dude is suggesting making it useless.
Re: Worst possible idea? (Score:5, Insightful)
Well setting aside your political attack, I think he is technically correct that DKIM was was never intended as a long-term verification of origin, but has become such by virtue of the secret keys nominally remaining secret. Except that depends completely on how well they have been protected, which is not really part of DKIM practice. By releasing the private keys google would both make it impossible to use the DKIM signature as long-term verification and make it pointless to steal the keys to forge such a verification. If they used the same secret keys for DKIM for a long time, I would not put it past a nation-state-level intelligence agency to get those keys.
Also you appear to be a little short on the Hunter Biden email issue as well. It was known that Russian intelligence had stolen information from the Ukrainian company that Hunter Biden worked for. So even if it was his email, there is no reason to necessarily believe, without separate evidence, that it was his laptop. That there would be a manufactured "discovery" just before the election of this stolen information was actually predicted by the FBI way back in January-February.
Re: (Score:3)
Forging emails and putting them on a device is trivially easy, whether you're using a gawdawful monster like the PST files or classic text-based mailbox format. I could grab the header of any legitimate email, forge the contents, and "release" it to the world. It's why I'm always nervous about emails to be used in evidence for any legal proceedings, and why they have to be handled with extraordinary care. SMTP was developed in a much kinder, gentler age, and all the attempts to secure it, short of PGP encry
Re: (Score:3)
Since DKIM signing covers the body, your "grab the header of any legitimate email, forge the contents, and "release" it to the world" attempt would be laughed at due to the DKIM signature of the body not verifying.
Re: (Score:1)
Forge the DKIM signature too. It's the easy step. Once an attacker gets access to the sender's email box, it is game-over. The victim's only hope is that their original emails have been sent/CC'ed/BCC'ed to an email box inaccessible to the the attacker, or if that the victim is using a "record every email crossing the gateway" piece of software.
Re: (Score:3)
Forge the DKIM signature too. It's the easy step.
That's the IMPOSSIBLE step. Unless you have the server's PRIVATE key - which is what this whole "release you DKIM secret keys" is about.
Or unless you can break 2048 bit RSA encryption. But if you could do that you could steal Bitcoin from other people's wallets and become a multibillionare in days.
Body not necessarily signed (Score:3)
Re: (Score:1)
Just because you can predict a future event, with less than 100% probability, does not mean the future event is fake.
Another attack on the World Trade Center Towers and New York City were predicted before 9/11. In fact, flying a plane into the towers was also predicted before 9/11. Does any of this mean that 9/11 was fake?
Biden wining the election was predicted before, does this mean it is fake?
Re: (Score:2)
Bingo. Here is a prediction that is 100% true:
You are going to die in the next 150 years.
Is that fake news too? Did I just have a hand in your demise by predicting it?
Re: (Score:1)
Which is why the Bidens never
Re: (Score:2)
The laptop itself doesn't matter. The most incriminating of the emails have been confirmed using Google's public DKIM keys and two different recipients as valid. One of the recipients has come forward in an interview to detail the whole deal and the two occasions he met directly with Joe Biden, not just his son and brother. It's not just some random laptop no knows is real or not.
Path doesn't matter. That's part of the point. (Score:2, Interesting)
It was known that Russian intelligence had stolen information from the Ukrainian company that Hunter Biden worked for. So even if it was his email, there is no reason to necessarily believe, without separate evidence, that it was his laptop. That there would be a manufactured "discovery" just before the election of this stolen information was actually predicted by the FBI way back in January-February.
But one point of being able to verify the emails is that it DOESN't MATTER how they got to you. You can tel
Re: (Score:3)
True. DKIM was never designed to act as a signing system to identify the sender. It was designed as a fast way to verify that a HOST is allowed to send an email for a specific domain during DELIVERY. It is an anti spam measure that really only has meaning during the actual mail transport.
DKIM is a measure to stop spambots from sending emails from some random internet connected host under someone else’s name and just as spambots are ephemeral, so is the authenticity of a DKIM signature. Use it and lose
Re: (Score:3)
The idea, from reading the actual article, is that DKIM keys were used to verify that the Hunter Biden emails on his laptop were legitimate. The writer would much rather not have this happen and embarrass Joe Biden.
Interesting. The desired info sec characteristic is usually non-repudiation. I can't imagine anyone wanting things to be repudiable, except for people who want to be able to say something then deny they said it. Are there any cases where this behavior is commendable?
Re: (Score:1)
If you make stolen email less repudiable, you increase the incentives to steal email. That's true whether the people stealing email find anything damaging or not, because they usually don't know what they'll get until after they've already stolen it. So, unless you believe that confidentiality is never legitimate, you've made a bunch of badly protected targets more valuable and increased the number of people hacking the systems.
You've also created an incentive to develop the capability to forge "non-repudia
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Not really. Most large corporations have strong rules about discarding old emails just as soon as the requirements of all data retention laws have been satisfied and not a second later. It's not necessarily that there's anything incriminating in any of them or that there is anything fishy going on, they just want to make sure that nobody can discover a few emails out of context and make them look incriminating.
Consider a long back and forth over email between friends. A keeps B in a constant state of guessi
Not just Hunter Biden (Score:5, Insightful)
Also the author makes the point:
It's not about picking sides, Author is raising a privacy issue. Joe Biden's son is just the most recent example. He specifically points out that the political implications make people OK with it but that we're not considering the possibility of the system being used for plain 'ole fashion blackmail. e.g. let's say something like Grinder got hacked or that mess with the site that helps you cheat on your spouse.
I mean, if you asked me a few years ago if I thought ransomware would be a thing I'd have said no...
Re: (Score:1)
How is a crack and methhead breaking his laptop and then forgetting about it at a repair shop when it has confidential and probably illegal(That girl was probably under 18 as China likes to pull that sort of shit to compromise people) information on it a privacy issue? He signed documents that turned over the contents to the store owner. It's not like the store owner stole the information beforehand and released it.
Re: (Score:2)
He also mentions "In 2018, the Associated Press used it once again to verify leaked emails tying a Russian lawyer to Donald Trump Jr."
Literally the sentence before.
Your bias (and that of slashdot) is showing. He's not being partisan, but you are
Re: (Score:2)
If you understood how big the Russia intelligence operations are, and how embedded into US industry they are, you'd realize that the point is simply that the Russians already have these keys, and periodically publishing them levels the playing field in certain respects.
Re: (Score:2)
Not to mention that he used examples across the political spectrum to illustrate the concept.
Re: (Score:1)
This can be done with a choice of free blockchain based services, but there are many other ways to prove that you had a piece of information before a particular point in time. Before the internet, people published in widely distributed newspapers
Re: Worst possible idea? (Score:4, Insightful)
This was my thought to. I don't see have this makes most of us any less of a target. About the only people who stand to gain for this are
1) Criminals who want to be able deny having being the sender of e-mails
2) Politicos that want to deny having been the sender of e-mails
I supposed if you are the RNC/DNC/Hunter Biden/Donald Trump (2) might be some hackers have less incentive to target you and try to release your mails but this seems like problem that isnt really in the public's interest to solve. As much as we don't really want vigilate e-mail hacking, not sure I want to create an effective statue of limitations on e-mail verification.
Its like with paper records, you have a destruction policy so you are not accused of deliberately destroying evidence, if there is some later discovery motion. Its "We shred every document of type X after the N years the law requires us to keep it." However there really isn't a physical need to in 2020 to get rid e-mail correspondence and if all you do is get publish the signing keys without destroying the data, well now there is practical reason to do that at all EXCEPT to make forensics impossible.
Re: (Score:1)
3) regular people with something potentially embarrassing in their past that is not really anyone else's business anyway. We don't want the next wave of "I saw what you did" scams to actually include authenticatable emails revealing sexual orientation, STD treatment, nasty case of 'roids, etc.
Re: (Score:3)
We don't want the next wave of "I saw what you did" scams to actually include authenticatable emails revealing sexual orientation, STD treatment, nasty case of 'roids, etc.
Except those scams are BS. The people that send those have nothing, so they certainly don't have DKIM verified e-mails from the victim, unless the victim really did these things.
As far as the other stuff goes, for the most part Joe average is going to have a mixture of people in his life who believe his lies about not have sent those mails and those that dont, and DKIM inst going to convince any of them one why or the other because they are not professionals of a kind that know what DKIM even is. Finally w
Re: (Score:2)
Except those scams are BS. The people that send those have nothing, so they certainly don't have DKIM verified e-mails from the victim, unless the victim really did these things.
Even assuming they got actual email 'purportedly' from the target to bolster their scam, I doubt they would even care about trying to validate the DKIM, they would just accept it at face value and craft their scam, because best case its accurate, worst case someone faked it and your already fake looking scam still looks fake.
One thing that's bad about DKIM is that there is a built in large set of people that could fake an email if it fits their agenda, compared to say a personally signed email where the key
Re: (Score:3)
Of course the scammer doesn't care if it's real or not, but they sure would like for their mark to be able to see that it's real (and that everybody else will be able to verify it) in order to crank the fear factor high enough to get a payoff.
Re: (Score:2)
Actually, many of them have one kernel of truth, an actual password someone with that email address used on an actual website. True, that's generally the only thing true about those emails, but it sure does help amp up the fear level for the victim.
The latest wave of those scams seems to be omitting that part.
Re: (Score:2)
Right
they have an old password cracked from a widely available data breach. They are banking on the fact that most people re-use passwords and pay not attention to breaches. They wont realize that password was recovered from an hack on a hotel chain 6 years ago, and might actually believe the attacker got it from whatever less socially acceptable sites its being suggested they are known to have used.
My point still stands the only relationship to this DKIM discussion those scams have is they are often e-mail
Re: (Score:3)
You seem to have a fundamental mis-understanding of the problem space.
1) DKIM authenticates the SENDER, not the recipient.
2) When you send an email, the copy in your sent mail folder is not the only copy that exists. The sender doesn't control the fate of the other copies at all.
Beyond that, a forger doesn't necessarily have to crack a DKIM key. They might come up with one by diving the right dumpster. The mail admin might not consider a DKIM key that has been rotated out to be a security concern since i
Re: (Score:1)
Someone who is serious about framing you could constantly collect your public keys and create "proof" of authenticity for any time frame he wants.
Re: Worst possible idea? (Score:2)
Re: (Score:3)
That is not how DKIM works. You publish the public key with an Id in DNS and rotate the private key by giving it a new Id and signing new mails with that. You can keep the old public keys in DNS till kingdom come and they can still be used to verify mails.
Re: (Score:2)
Therefore you can't prove the validity of old ones.
Re: (Score:3)
They suggest rotation and publishing old keys. That way the DKIM protocol can't be used to certify stored email, something it wasn't designed to do.
Re: (Score:3)
What's wrong with certifying stored email?
Re: Worst possible idea? (Score:1)
Re: (Score:2)
How? What kind of graft would rely on google certifying stored email?
Re: Worst possible idea? (Score:1)
Re: (Score:2)
That assumes that "secret emails" come through gmail, and that there is no other evidence at all. Not exactly a relevant issue.
Re:Worst possible idea? (Score:5, Informative)
It wasn't signed by the sender, but by Google. WIth a key Google has (or had) in their possession. So Google can forge emails that verify under DKIM. Anyone who manages to steal the key from Google can do it too. The old DKIM keys were thought, at the time, to be only useful for preventing spam as the email was sent. No one was thinking they'd use this key again to certify an email five years later. So how careful were they since 2016, when they rotated that no longer useful secret key out and stopped using it?
Re: (Score:2)
I can't help but notice that you re-iterated the point made in the article and completely ignored the question I asked. So I'll ask again:
What's wrong with certifying stored email? I'm going to help you a little bit in that "yes, I understand how it works". I don't need a short lecture on the obvious. I'm asking what is the problem with it?
Because you see, Google can forge emails regardless. It's their server. And since this isn't used to actively certify stored email, there's no value in forging it. You're
Re: (Score:3)
You need to read and think a bit more and knee-jerk less. Maybe there is an issue besides the one you want to complain about.
What's wrong with believing leak of stored email has been cryptographically certified as authentic when it has in fact been forged by someone in possession of an old anti-spam key that no one cared about much at the time?
Re: (Score:3)
>What's wrong with believing leak of stored email has been cryptographically certified as authentic when it has in fact been forged by someone in possession of an old anti-spam key that no one cared about much at the time?
Ah, you're pushing for plausible deniability for Hunter Biden because that's one of the several points that provided evidence that leaked emails were real. That explains the projection with "knee jerking" when I merely asked a general question.
It's still utterly irrelevant though. In Bi
Re: (Score:1)
You: What's wrong with certifying stored email?
You, later: Because you see, Google can forge emails regardless.
You just answered your own question. DKIM isn't a mechanism for validating stored emails.
Re: (Score:2)
And that is a problem because...?
You're dancing around the question, as if desperate to not answer it.
Re:Worst possible idea? (Score:5, Informative)
The purpose of these particular keys is ephemeral. It needs to prove the authenticity long enough to move the email from origin to destination, nothing more or less. As long as the secret key is not published until after the longest plausible delay between origin and destination, mission accomplished.
After that time, the DKIM has a sometimes unwanted side effect of authenticating potentially stolen emails years after the fact. The best way to eliminate that side effect is to publish old secret keys so that any idiot could forge a message from the era where the key was valid. Mission Accomplished.
Nothing in that impacts the INFRASTRUCTURE in any way, only the individual keys. And it only destroys the usefulness of the individual key after it's served it's purpose and been retired.
If you want to send an email that can be authenticated years later, just make your own pair, publish the pubkey and sign your message. Don't publish your secret key.
Re: (Score:2)
Destroying the long-term usefulness of the key is the entire point. He wants to do that. He wants this virtual spam-or-not bit to wear out and eventually become meaningless as the email ages. After all, you probably only need it for a few minutes. Once delivered, those headers are obsolete.
I can sort of see his case, but then he goes a little nutty in saying that the durability of this spam-or-not bit incentivizes the stealing of email. That is, the spam-or-not bit makes your emails much juicier. Ehhhh.. I
Re: (Score:2)
Your emails are juicier if you are or become a big public figure, where there is a significant audience who cares that needs *proof* without having contextual data to evaluate the veracity of a claimed email.
Your emails are about the same if you are a random person, as taking your emails at face value without being able to cryptographically prove it is about as valuable. You sent some sensitive info that can be used to tailor a scam? No need to validate it, assume it is true. Have some compromising email co
Re: (Score:2)
The intended beneficiary seems to be Hunter Biden. He can't plausibly deny the emails on his laptop, because Google signed them through their DKIM infrastructure.
The author of the article notes that one of the messages in the 'Hunter Biden laptop' was genuine and authenticated with DKIM keys to make the dump look vaguely plausible,
Re: (Score:2)
So the Oligarch was authenticated, not Biden. DKIM authenticates the SENDER.
Re: (Score:1)
Re: (Score:1)
Hunter has been doing the Biden family dirty work the last couple decades, why would we want to remove way of proving soon to be president-elect is a crook and pedo too?
Re: (Score:1)
not true, Trump groped / molested women of age. Crook? I'm pretty sure he played the system legally, remember the Golden Rule: "those that have the gold buy the rules."
Not sure why you would publish (Score:2)
if that is the case some type of key revocation and rotation could be needed!
Heck, maybe the world should automatically mark all Google originated email with their DKIM key as spam.
Maybe since everything @ Google(all big tech, social media) is just marketing and ad crap, no one in the real world really needs to see the emails.
Re: (Score:2)
Yes, he wants Google to regularly rotate their private key and publish the retired one, on the basis that repudiation is a more valuable feature than non-repudiation. He argues that nobody asked for long-term non-repudiation when signing up for their commercial email accounts, but nobody specifically asked for deniability after N months, either.
Re: (Score:2)
I disagree with this wuss Matthew, dirtbags need to go down in flames and leaked emails can be useful tool. If you don't want to have dirt on yourself, don't do evil.
So when you're email gets hacked and they find all the naughty stuff you've been up to.... you know that porn fetish you don't want your wife to know about... and they ransomware you... we will remind you that you said this.
Re: (Score:1)
My wife can and does see the porn I watch in den, but there is nothing "naughty" in email. You're funny imagining a problem most don't have, most people's email is very boring. So, YOU have email you're ashamed of because you're not normal?
Re: (Score:2)
If I did craft such an email, you would not need to *prove* it with DKIM, because people who might care what I said will evaluate the credibility of the forgery with reasonable accuracy without the proof of DKIM. The people that would care about my stuff know me and any other implied person in an email to evaluate whether such a claim is total fiction.
In this specific case, the DKIM concern is an issue only for public figures, which may be plenty to justify a rethinking of how we require such people to auth
It's a call for evidence tampering and fake news. (Score:2, Informative)
Exactly!
And for about the last two weeks (since October 30) anybody who gets hold of the raw emails can verify them for themselves.
Three of the troves that include such emails are the disk from the Hunter Biden laptop, the Wikipedia's leaks of Podesta's email exchanges (the Hillary campaign leaks), and the files of Trump's lawyer Mark Kasowitz.
Some of
Re: (Score:3)
I don't know of any email service that outright deletes or marks a message as spam because of a DKIM fail. Most spam systems use weighting, and DKIM failures are given a specific weight. If everything else about an email seems legit through more typical bayesian processes, then the email gets delivered. When the first attempt at "signing" emails and MTAs for antispam purposes came out with SPF and DKIM, a whole lot of experts said it wouldn't work, because of the nature of the SMTP protocol. Nothing has cha
Re: (Score:2)
Google outright rejects messages that fail DMARC if you publish a p=reject DMARC policy.
Re: (Score:2)
Right now DKIM signed email is the only SPAM email I'm receiving. DKIM makes no sense as a trust token or proof of origin when someone can just open an account and start spewing email from the likes of Gmail, Outlook, Yahoo or other large mail provider.
Re: (Score:1)
All these anti-spam methods all became pretty much useless with cheap registrars. I was involved in a number of forums that were part of the development of both SPF and DKIM, and we told them at the time that these measures were futile, and problematic in their own right. There's just no way to really fix SMTP, save for point to point messaging protocols, but that would make it worthless as a general delivery system.
SMTP is what it is, and that someone is using a fundamentally broken system as some sort of
Here is a better solution (Score:2, Interesting)
Sending mails with DKIM means you give someone else an assurance at the cost of giving up the deniability you had without it. That is what it is meant to do. Publishing the keys can not guarantee that someone can't prove authenticity. (The articl
Re: (Score:1)
Better yet EDUCATE PEOPLE how to use it (Score:5, Insightful)
As a sysadmin that administers out email servers, you don't know how many times users email us about emails from contacts getting blocked due to misconfigured protections. SPF is the major offender, but we also get DKIM failures all the time. It's some admin half assing implimenting it for their domain. Usually, it's because they add SalesForce or something and it tells them how to add DKIM or SPF record, and they inadvertently do not turn it on for their primary email servers, adding DKIM to the servers or for SPF not adding in their server's IP's or IP ranges to SPF's "allow" list.
Before anyone ever even thinks of the idea of adding rotating DKIM keys or such, please teach people how to do it correctly or the problem's only going to get worse.
Re: (Score:2)
DKIM is useless in blocking SPAM. The biggest distributors of SPAM are Google, Outlook, Yahoo and other large organizations who issue accounts that can be abused and dropped. So not only does it block legitimate emails when miss-configured but does very little to stop spam. Now SPAM is DKIM signed.
Re:Better yet EDUCATE PEOPLE how to use it (Score:4, Informative)
You're right. DKIM and SPF are useless in blocking SPAM. They aren't designed to block SPAM. Period. They're designed for domain security and control so email addresses and domains cannot be spoofed. They do their job really well when used properly, shy of accounts being compromised. (And I'm talking G-Suite or O365 organization emails being hijacked, not consumer GMail or Outlook.com emails which anyone can go and make and send SPAM from). A DKIM signed email, or a email that passes SPF means nothing in terms of SPAM and wasn't designed to be a indicator for SPAM. Only Spoofing.
Re: (Score:2)
Re: (Score:2)
> Usually, it's because they add SalesForce or something
You know that salesforge "button" which verifies that SPF setup is correct does not cover all possible cases and single minded button pushers start arguring that SPF setup is not correct when Salesforce button goes red. Salesforce themselves are messed up with having outgoing email servers that are not listed in their SPF record.
Related (Score:2, Informative)
The analysis of the one, single, solitary email that has been released in the Hunter Biden case:
https://github.com/robertdavid... [github.com]
The text of that email:
Where did get this idea (Score:3)
Where did he get this idea that non-repudiation was "never thought about." I'd love to see some evidence to support that claim. Even it just some early design documents that don't mention it or related topics.
I was a mail admin back when DKIM first arrived on the scene as far as any partners actually supporting it. So probably around 2010. We certainly were talking about non-repudiation aspects of it then.
This is from the 2007 RFC:
"
The ultimate goal of this framework is to permit
a signing domain to assert responsibility for a message, thus
protecting message signer identity
"
The whole point make e-mail more useful business. Being able to able to act on e-mail means in a lot of cases being able to trust the sender won't pull an "I don't know you later" your broker does not want to accept you buy order for 200 shares of ... only for you turn round and say you never sent that if at 4:05 pm you check and see the stock went down that day. He wants non-repudiation! The truth is you did too because you wanted to be able to do a transaction like that via e-mail, rather than have to deal with some BS like faxing an order in.
Re: (Score:3)
The problem is that keys used today are weak - and the ones used in the past even weaker.
In 2030 it will be trivial for a nation state to forge an email sent in 2020 that matches today's DKIM, and for a bedroom hacker to do it for an email sent in 2010.
Encryption that we tend to use is good enough for now - but not for 20 years time. In the 2032 election when Donald Jr is dukeing it out with Ocasio-Cortez, it will be easy for Russia, China, Nigeria, or probably even 4chan, to fake some SKIM signed emails fr
Re: (Score:3)
The whole point make e-mail more useful business. Being able to able to act on e-mail means in a lot of cases being able to trust the sender won't pull an "I don't know you later" your broker does not want to accept you buy order for 200 shares of ... only for you turn round and say you never sent that if at 4:05 pm you check and see the stock went down that day. He wants non-repudiation! The truth is you did too because you wanted to be able to do a transaction like that via e-mail, rather than have to deal with some BS like faxing an order in.
DKIM doesn't authenticate the sender. It authenticates the server that the sender used to transmit the mail. If you want a digital signature for authentication, then digitally sign the the document with a certificate that provides person identity. S/MIME has been available in enterprise email systems for decades.
Re: (Score:2)
DKIM doesn't authenticate the sender. It authenticates the server that the sender used to transmit the mail. If you want a digital signature for authentication, then digitally sign the the document with a certificate that provides person identity. S/MIME has been available in enterprise email systems for decades.
Right it authenticates the server is one authorized by the sending organization. For business use that is often good enough. "A representative of ACME told me to ship W.E.Cyote that warhead" is all you are going to need in a lot of contract disputes. You will argue the e-mail was DKIM signed so it really came for ACME and you have a history of normal legitimate transactions with them in the same fashion.
The reality is S/MIME implementations exist but by and large its to difficult and complex for end users
Re: (Score:2)
But DKIM is even more obtuse and less actionable to the end user than signed email. Does the originating server have a p=reject policy? Does your organization's mail server enforce DKIM policy? The average email end user has no idea how to validate these things.
At least with S/MIME, Outlook will show a little lock icon on the toolbar if the mail is signed and pop up a warning if the signature is invalid. It's also pretty trivial to issue identity certs out of Active Directory if that's the route you wan
Just claim your account was hacked (Score:3)
DKIM just verifies that the email was sent by a Google server, it doesn't include a hash of the sender DNA. Just claim your account was hacked and be done with it.
Re: (Score:2)
Validating past emails is useful (Score:2)
Re: (Score:2)