16 votes

Google should rotate their email DKIM keys periodically and publish past secret keys, in order to remove the unintended capability for authenticating years-old emails

2 comments

  1. Deimos (edited)

    This is an interesting article that's been causing some huge arguments. Basically, the DKIM system was created as a way to ensure that an email message really was being sent from a particular address, but the way it's being used, it has an unintended side-effect of being able to validate the content of the emails in perpetuity.

    This means that when a pile of old email shows up because of a leak/hack/blackmail/etc., DKIM can be used to authenticate which of the emails are real. While this can certainly be a good and useful thing sometimes, it also strengthens blackmailers because there's no way to deny that any (or all) of the email is real.

    Matthew Green's core suggestion here is that Google should rotate their keys periodically, and also publish the old secret keys, which effectively gives everyone the ability to forge old emails from Google that will validate as legitimate. This would mean that all those old emails would be deniable, because anyone could easily create fakes that authenticate.

    It seems like many newer messaging systems were specifically built to have this deniability aspect, because it's valuable for privacy. Being able to authenticate all old emails forever wasn't a goal of the system, and isn't an unconditionally good thing.

    7 votes
    1. skybrian

      I guess it depends what you value and what kind of email it is. If it were an option you could turn on, would you do it?

      Many companies delete their email by default after a fixed time period, like 90 days, to make sure there is less email available when they get sued. On the one hand this destroys what could be important evidence, and on the other hand, employees can speculate wildly or just be wrong about the law and company policy, and this can look bad in court, which is why they do it.

      For the most part we rely more on chain-of-custody than digital signatures. If you send email to someone, they could just keep it and testify that you sent it to them. Screenshots are often used as evidence. As far as I know, nothing Snowden leaked was digitally signed.

      3 votes
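The mechanism Deimos describes, as an added illustration that is not part of the thread or of Green's article: a DKIM-style signature over headers and body verifies against the public key indefinitely, and once the private key is published, a verifying signature no longer proves who produced it. The RSA key here is a deliberately tiny toy built from two small primes so it runs with the standard library only; real DKIM uses 1024/2048-bit RSA-SHA256 and PKCS#1 padding, and the message is constructed.

```python
import hashlib

# Toy RSA key, far too small for real use; chosen so the example needs no
# third-party library. d is derived at runtime (Python 3.8+ modular inverse).
P, Q = 999983, 1000003
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
TOY_PUBLIC = (N, E)    # what a DKIM selector record in DNS would expose
TOY_PRIVATE = (N, D)   # what the mail provider keeps, until it publishes it


def dkim_like_digest(headers: dict, body: str, n: int) -> int:
    """Hash a simplified canonical form of the signed headers and body."""
    canon = "\r\n".join(f"{k.lower()}:{v.strip()}" for k, v in headers.items())
    material = (canon + "\r\n\r\n" + body).encode()
    return int.from_bytes(hashlib.sha256(material).digest(), "big") % n


def sign(headers: dict, body: str, private_key) -> int:
    n, d = private_key
    return pow(dkim_like_digest(headers, body, n), d, n)


def verify(headers: dict, body: str, signature: int, public_key) -> bool:
    # A verifier only ever uses the public key, so it cannot tell whether the
    # signer was the provider or someone holding a later-published private key.
    n, e = public_key
    return pow(signature, e, n) == dkim_like_digest(headers, body, n)


def demo():
    # Constructed sample message, not a real email.
    headers = {"From": "alice@example.com", "To": "bob@example.com",
               "Subject": "Q3 numbers"}
    body = "Revenue was flat.\r\n"
    sig = sign(headers, body, TOY_PRIVATE)

    genuine_ok = verify(headers, body, sig, TOY_PUBLIC)           # True, also years later
    tampered_ok = verify(headers, "Revenue doubled.\r\n", sig, TOY_PUBLIC)  # False

    # After the provider retires and publishes the key, anyone can produce a
    # signature for a different past-dated message that verifies just as well,
    # which is exactly what makes the archive deniable.
    forged_body = "Revenue doubled.\r\n"
    forged_sig = sign(headers, forged_body, TOY_PRIVATE)   # key is public now
    forged_ok = verify(headers, forged_body, forged_sig, TOY_PUBLIC)  # True
    return genuine_ok, tampered_ok, forged_ok
```

The three booleans show why a verifying DKIM signature is strong evidence only while the private key is known to be held by the provider alone.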