On 11/23/20 12:15 PM, Brandon Long wrote:
This recent article also goes into things that DKIM signatures imply:
https://blog.cryptographyengineering.com/2020/11/16/ok-google-please-publish-your-dkim-secret-keys/
<https://blog.cryptographyengineering.com/2020/11/16/ok-google-please-publish-your-dkim-secret-keys/>
Perhaps this all means that DKIM has been used for more than it was
intended for.
It is a quirk that we didn't consider at the time. You can't count on
that property because providers can change their selectors at any time.
That said, there is an awful lot of hand wringing for not much gain.
It's not like you need cryptographic non-repudiation to be pretty sure
something wasn't forged. That and non-repudiation has its benefits as well.
Mike
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
