In article <4ac6b77b-375b-4cc0-b2f5-84f769683...@as397444.net> you write: >More like “customer sees that DKIM is used to authenticate DNC leaks, decides >that DKIM is a >terrible idea for a political entity to have on, let alone any random >business”.
Sounds like a customer deep into cypherpunk silliness. For one thing, while it was kind of cute that we could still check the DKIM signatures on old DNC mail (I did) that's only because Gmail never rotates their keys. The signing key was still in the DNS. Monthly key rotation like I do should be plenty to avoid that unless messages are leaking in close to real time, in which case DKIM is the least of your problems. The other is that nobody I know found the DKIM validation to be more than a curiosity. People believed the messages were real because they knew who used the account and they were otherwise plausible. There was no cryptographic signature on the Pentagon papers in 1971 but that doesn't seem to have been any impediment to people taking them seriously. R's, John _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop