midmagico | 1 year ago

Most people have no way to more deeply authenticate those emails because you didn't provide headers. Many people, myself included, would love some way to better rule out whether parts of the messages had been elided, for example. A DKIM signature would have been a perfect integrity check of the message. It's just good protocol.

As a result of timestamping emails with their DKIM into Bitcoin, now even rotated, broken, or released keys can be used to partially authenticate e.g. Google messages. You can see this for example in this project here:

https://github.com/robertdavidgraham/hunter-dkim

And in particular, here:

https://github.com/robertdavidgraham/hunter-dkim/pull/5

So you see, even historical DKIM signatures can act as strong authentication.
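
An added example, not part of the comment above and not code from the hunter-dkim project: the body-hash half of DKIM verification (RFC 6376), which is the part that exposes an elided message body. It recomputes `bh=` from a body and compares it to the header; the sample message and header are constructed, and checking the `b=` signature over the headers (which needs the signer's public key) is out of scope here.

```python
import base64
import hashlib
import re

def parse_tags(sig_value: str) -> dict:
    """Split a DKIM-Signature value into tag=value pairs, folding out whitespace."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = "".join(value.split())
    return tags

def canonicalize_body(body: bytes, mode: str) -> bytes:
    """Body canonicalization per RFC 6376 3.4.3 (simple) and 3.4.4 (relaxed)."""
    # Simplification: bare LF line endings are treated as CRLF.
    lines = body.replace(b"\r\n", b"\n").split(b"\n")
    if mode == "relaxed":
        # Collapse runs of space/tab to one space, drop whitespace at line end.
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":
        lines.pop()  # empty lines at the end of the body are ignored
    if not lines:
        return b"" if mode == "relaxed" else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body: bytes, tags: dict) -> str:
    """Compute the value a signer would have placed in bh= for this body."""
    # c= is header/body; a missing body part defaults to "simple".
    mode = (tags.get("c", "simple/simple").split("/") + ["simple"])[1]
    data = canonicalize_body(body, mode)
    if "l" in tags:  # l= limits the hash to the first N octets of the body
        data = data[: int(tags["l"])]
    algo = hashlib.sha1 if tags.get("a", "").endswith("sha1") else hashlib.sha256
    return base64.b64encode(algo(data).digest()).decode()

def body_matches(sig_value: str, body: bytes) -> bool:
    """True if the body still hashes to the bh= recorded in the signature."""
    tags = parse_tags(sig_value)
    return body_hash(body, tags) == tags.get("bh")

# Constructed sample: bh= is computed here; a real header arrives with the message.
ORIGINAL = b"Meeting moved to  Tuesday. \r\nAgenda attached.\r\n\r\n"
ELIDED = b"Meeting moved to  Tuesday. \r\n"  # second line removed
SIG = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel1; bh="
       + body_hash(ORIGINAL, {"a": "rsa-sha256", "c": "relaxed/relaxed"}))
```

A matching `bh=` only shows the body agrees with the header as quoted; tying that header to the sending domain still requires verifying `b=` against the domain's key for that selector.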
