On 4/4/24 12:43 AM, Jay Acuna wrote:
> On Thu, Apr 4, 2024 at 1:23 AM Adam Brenner via NANOG <nanog@nanog.org> wrote:
>> ..
>> It seems to me that if msn.com is going to include DKIM headers in their
>> outgoing email, they should also publish their DKIM public key. If they
>> are not going to publish their DKIM public key, then they should not
>> include DKIM headers in their outgoing email.
>
> Microsoft can still sign the message, even if the signature cannot be verified
> because they have not yet published the public key, for whatever reason.
> That is a partial/incomplete implementation of DKIM then.
There is one potential reason a site might want to do this which is to
essentially invalidate signatures from a non-repudiation standpoint.
Simply unpublishing the key, while not 100% foolproof, is essentially
saying "we don't take responsibility for mail signed with this key
anymore" -- sort of like the expiry tag in the header but with
attitude. The entire kerfuffle about Her Emails (i.e. Hillary's email
server) was in part about the fact that the mail on it could still be
verified and thus not denied. Afterwards, there were calls for providers to
publish their private keys on a regular basis, but that went nowhere that
I've heard of. That's probably not what's going on here -- maybe they
just botched a key rollover -- but it's still amusing to me that we got
non-repudiation along for the ride [*].
Mike
[*] while DKIM only speaks at the domain level and not an individual
account, if providers always require submission auth before signing that
seems pretty airtight to me
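To make the distinction in this exchange concrete (a signature that stays on the message while its public key disappears from DNS, versus one that merely passed its x= expiry), here is an added Go example; it is not part of the thread and not code from any of the posters or from Microsoft. It is a simplified DKIM-style signer and verifier, not an RFC 6376 implementation: rsa-sha256 only, simple/simple canonicalization, a fixed tag order with b= last, and an in-memory map standing in for public DNS. The domain example.com, selector s2024, timestamps and message are all constructed for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"strings"
)

// publishKey is the step the thread says msn.com skipped: the public key goes in the
// p= tag of a TXT record at <selector>._domainkey.<domain>. zone stands in for public DNS.
func publishKey(zone map[string]string, domain, selector string, pub *rsa.PublicKey) {
	der, _ := x509.MarshalPKIXPublicKey(pub) // cannot fail for an *rsa.PublicKey
	zone[selector+"._domainkey."+domain] = "v=DKIM1; k=rsa; p=" + base64.StdEncoding.EncodeToString(der)
}

// parseTags splits a DKIM tag=value list such as "v=1; a=rsa-sha256; ...".
func parseTags(s string) map[string]string {
	tags := map[string]string{}
	for _, part := range strings.Split(s, ";") {
		if k, v, ok := strings.Cut(strings.TrimSpace(part), "="); ok {
			tags[k] = strings.TrimSpace(v)
		}
	}
	return tags
}

// bodyHash is bh= under "simple" canonicalization (trailing empty lines dropped, one CRLF kept).
func bodyHash(body string) string {
	d := sha256.Sum256([]byte(strings.TrimRight(body, "\r\n") + "\r\n"))
	return base64.StdEncoding.EncodeToString(d[:])
}

// headerHash covers the h= headers, each ending in CRLF, then the DKIM-Signature
// header itself with an empty b= value and no trailing CRLF.
func headerHash(headers []string, sigNoB string) []byte {
	d := sha256.Sum256([]byte(strings.Join(headers, "\r\n") + "\r\nDKIM-Signature: " + sigNoB))
	return d[:]
}

// sign builds a DKIM-Signature header (rsa-sha256, c=simple/simple) with the x= expiry
// tag the thread mentions. b= is kept last so the verifier can blank it with a suffix trim.
func sign(priv *rsa.PrivateKey, domain, selector string, headers []string, body string, ts, exp int64) (string, error) {
	names := make([]string, len(headers))
	for i, h := range headers {
		names[i], _, _ = strings.Cut(h, ":")
	}
	sigNoB := fmt.Sprintf("v=1; a=rsa-sha256; c=simple/simple; d=%s; s=%s; t=%d; x=%d; h=%s; bh=%s; b=",
		domain, selector, ts, exp, strings.Join(names, ":"), bodyHash(body))
	b, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, headerHash(headers, sigNoB))
	if err != nil {
		return "", err
	}
	return "DKIM-Signature: " + sigNoB + base64.StdEncoding.EncodeToString(b), nil
}

// verify is the receiver's side: fetch s._domainkey.d, honour x=, recompute bh=, check the
// RSA signature. As in RFC 6376, a missing or unparsable key record is a PERMFAIL, not a pass.
func verify(zone map[string]string, now int64, dkimHeader string, headers []string, body string) string {
	sigValue := strings.TrimPrefix(dkimHeader, "DKIM-Signature: ")
	tags := parseTags(sigValue)
	rec, ok := zone[tags["s"]+"._domainkey."+tags["d"]]
	if !ok { // the signature is still on the message; there is just nothing to check it against
		return "permerror: no key"
	}
	der, _ := base64.StdEncoding.DecodeString(parseTags(rec)["p"])
	pubAny, _ := x509.ParsePKIXPublicKey(der)
	pub, ok := pubAny.(*rsa.PublicKey)
	if !ok {
		return "permerror: bad key record"
	}
	var exp int64
	if _, err := fmt.Sscan(tags["x"], &exp); err == nil && now > exp {
		return "fail: expired"
	}
	if bodyHash(body) != tags["bh"] {
		return "fail: body hash mismatch"
	}
	b, _ := base64.StdEncoding.DecodeString(tags["b"]) // a malformed b= decodes to garbage and fails below
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, headerHash(headers, strings.TrimSuffix(sigValue, tags["b"])), b) != nil {
		return "fail: bad signature"
	}
	return "pass"
}

// scenario runs the thread's argument on a constructed message: verdicts with the key
// published, after x= has passed, with the body altered, and after the key is unpublished.
func scenario() ([]string, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	zone := map[string]string{}
	publishKey(zone, "example.com", "s2024", &priv.PublicKey)
	hdrs := []string{"From: alice@example.com", "To: bob@example.net", "Subject: quarterly numbers"}
	body := "The numbers are attached.\r\n\r\n"
	const ts, exp int64 = 1712200000, 1712200000 + 7*24*3600
	dkim, err := sign(priv, "example.com", "s2024", hdrs, body, ts, exp)
	if err != nil {
		return nil, err
	}
	out := []string{
		verify(zone, ts+60, dkim, hdrs, body),                         // key published
		verify(zone, exp+1, dkim, hdrs, body),                         // x= has passed
		verify(zone, ts+60, dkim, hdrs, body+"P.S. ignore that.\r\n"), // body altered
	}
	delete(zone, "s2024._domainkey.example.com") // key pulled: the signature stays, the check is gone
	return append(out, verify(zone, ts+60, dkim, hdrs, body)), nil
}

func main() {
	fmt.Println(scenario())
}
```

Running it prints the four verdicts in order: pass, fail: expired, fail: body hash mismatch, permerror: no key. The last one is the point of the exchange: once the selector record is gone the verifier cannot say the signature is bad, only that it can no longer be evaluated, whereas an x= in the past is an ordinary failure with the key still available. It is also why "not 100% foolproof" is the right caveat: anyone who fetched and kept the TXT record while it was published (the record string, not the private key) can still verify the message later with the same code.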