"Sorry, I think what you're looking for isnt useful, you're misinformed" isn't exactly a useful response when someone, especially a customer, asks for something, sadly.
On 7/11/20 3:02 PM, John Levine wrote: > In article <4ac6b77b-375b-4cc0-b2f5-84f769683...@as397444.net> you write: >> More like “customer sees that DKIM is used to authenticate DNC leaks, >> decides that DKIM is a >> terrible idea for a political entity to have on, let alone any random >> business”. > > Sounds like a customer deep into cypherpunk silliness. > > For one thing, while it was kind of cute that we could still check the > DKIM signatures on old DNC mail (I did) that's only because Gmail > never rotates their keys. The signing key was still in the DNS. > Monthly key rotation like I do should be plenty to avoid that unless > messages are leaking in close to real time, in which case DKIM is the > least of your problems. > > The other is that nobody I know found the DKIM validation to be more > than a curiosity. People believed the messages were real because they > knew who used the account and they were otherwise plausible. There was > no cryptographic signature on the Pentagon papers in 1971 but that > doesn't seem to have been any impediment to people taking them > seriously. > > R's, > John > _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop