It’s almost as though Google wants stolen emails to be cryptographically authenticated.
Conversation
So are we saying that we would like the authenticity of OLD email to be completely disavowed?
This would then seem to provide the same protection to historical senders as per OTR Messaging, is that an advantage?
1
2
There’s no reason for anyone to be able to say “yes this three year old message was definitely signed by Google”.
2
1
3
DMARC is an anti-spoofing mechanism based on DKIM and can be used in a strict way. It prevents sending emails fraudulently claiming to be from an origin that has a strict DMARC policy. It's verified by mail servers when receiving mail to stop spoofing, so still not long-term.
1
2
So you're 100% right that it's short-term and not meant to be verifiable long-term, but it's not just anti-spam due to DMARC.
They could much more frequently rotate keys and publish the old ones without breaking what it's meant to achieve. Rotating fast isn't really possible.
2
Gmail had the same public key from 2012 to 2016 and still hasn’t published their secret key for that time period. I see no reason why that’s a good thing.
For all we know, it’s been stolen since then and the *only* people who can forge messages credibly are state actors.
1
2
The AP even publishes a tool for verifying signatures to authenticate stolen emails.
1
1
Yeah, I mean that the practical limit is a key being valid for a week or so and then valid for another week or so after that because of how mail servers work. Could publish the private key once it's removed from DNS records with a fair bit of leeway for overly long DNS caching.
2
1
If mail servers didn't work in this weird asynchronous way with the standards calling for retrying later, it'd be possible to quickly rotate them. Can't really avoid it being verifiable for a couple weeks that the email was sent from the domain.
1
For non-Gmail, where the keys aren't widely archived, it's still possible to make these kinds of claims if you've archived DNS records for the domain and they have DNSSEC.
Of course, someone may have compromised the keys and forged emails, which could be the case here.
Google is really good at protecting its keys. But there’s no indication that they’ve been able to protect four year old DKIM signing keys that well.
1
Then again if DKIM is just a SPAM salve on the consciousness of mail providers perhaps its only important to rotate the keys when we see actual faked signatures
I know I would not use DKIM unless I was forced too
1
Show replies