Hi!
Yes I'm late in this thread but:
On 9/24/25 00:04, Inveigle.net wrote:
On 24/09/2025 3:33 am, John Levine wrote:
abuse complaints to, with absolute certainty of origin. I also use this
information for legal purposes, including the full subset of DKIM-signed
headers in copies of e-mails supplied as supporting evidence. A header
describing what the MDA did is not a substitute that will withstand
scrutiny.
Having done my share of expert witness work, this makes no sense. If you
don't trust the MDA's signature, you're not going to trust any of the
other signatures, either.
There is a vast gap between what you choose to trust and what is and
remains cryptographically verifiable.
I think in this part of the thread you were talking about DKIM
signatures. However with DKIM, keys can be rotated or retracted. So if
you want to use a DKIM signature as cryptographic proof significantly
later (say, in a legal/forensic setting), you'd have to provide a copy
of the key at the time the message was sent/received (and first
validated). _And_ you'd need to proof that this was actually the key
back then instead of you forging the signature after the original signer
rotated the keys (and thus the court/... can't prove against you that
you actually delivered a different "archived" key than the alleged
signer actually used at that time).
IIRC it's part of the design of DKIM (both 1 and 2) that signatures are
usable for validating only "soon" after the message has been originally
sent/signed (ideally the "x" time of a DKIM1 signature, or the maximum
validity period of a DKIM2 signature as defined by the drafts).
[...]
Kind regards,
Hannah.
--
Hannah Stern
Software Developer
Mail Transfer Development
1&1 Mail & Media Development & Technology GmbH | | |
Phone: +49 721 91374-4519
E-Mail: [email protected] | Web: www.mail-and-media.com www.gmx.net
www.web.de www.mail.com www.united-internet-media.de
Hauptsitz Montabaur, Amtsgericht Montabaur, HRB 5452
Geschäftsführer: Alexander Charles, Dr. Michael Hagenau, Thomas Ludwig,
Dr. Verena Patzelt
Member of United Internet
Diese E-Mail kann vertrauliche und/oder gesetzlich geschützte
Informationen enthalten. Wenn Sie nicht der bestimmungsgemäße Adressat
sind oder diese E-Mail irrtümlich erhalten haben, unterrichten Sie bitte
den Absender und vernichten Sie diese E-Mail. Anderen als dem
bestimmungsgemäßen Adressaten ist untersagt, diese E-Mail zu speichern,
weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden.
This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient of this e-mail, you are hereby
notified that saving, distribution or use of the content of this e-mail
in any way is prohibited. If you have received this e-mail in error,
please notify the sender and delete the e-mail.
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
