Re: [mailop] DKIM validity period (anti-forgery vs. anti-spying)

> In message <6585e535.11582.3a72...@postmaster.inter-corporate.com>, > Randolf Richardson, Postmaster via mailop writes > > >> The most commonly seen method of tracking is probably inclusion of > >> specifically crafted links in the message, that refer to a tracking server > >> run by the sender

Re: [mailop] DKIM validity period (anti-forgery vs. anti-spying)

In message <6585e535.11582.3a72...@postmaster.inter-corporate.com>, Randolf Richardson, Postmaster via mailop writes >> The most commonly seen method of tracking is probably inclusion of >> specifically crafted links in the message, that refer to a tracking server >> run by the sender, so the sen

Re: [mailop] DKIM validity period (anti-forgery vs. anti-spying)

> Dnia 22.12.2023 o godz. 10:54:54 Randolf Richardson, Postmaster via mailop > pisze: > > > Tracking/spying elements in email messsages are usually intended to spy on > > > the *recipient* - did the recipient read the email at all, did he clicked > > > on a link in the email etc. > > > > ...m

Re: [mailop] DKIM validity period (anti-forgery vs. anti-spying)

Dnia 22.12.2023 o godz. 10:54:54 Randolf Richardson, Postmaster via mailop pisze: > > Tracking/spying elements in email messsages are usually intended to spy on > > the *recipient* - did the recipient read the email at all, did he clicked > > on a link in the email etc. > > ...mail server l

Re: [mailop] DKIM validity period (anti-forgery vs. anti-spying)

> Dnia 22.12.2023 o godz. 16:22:45 Slavko via mailop pisze: > > But my point was (mostly) not about courties cases, i mean usual users > > tracking/spying (contacts, shoppings, opinions, etc), where signature is > > checked once (at receive time), but used/stored forever. And that cannot > > be sol

Re: [mailop] DKIM validity period

On Thu 21/Dec/2023 22:26:34 +0100 Gellner, Oliver wrote: If Google would have published their DKIM private key after it was rotated in 2016, checking the DKIM signature in 2020 would have proven nothing. Yet, if the message was ARC-sealed on forwarding and the forwarder didn't rotate and publ

Re: [mailop] DKIM validity period

Dnia 22.12.2023 o godz. 16:22:45 Slavko via mailop pisze: > But my point was (mostly) not about courties cases, i mean usual users > tracking/spying (contacts, shoppings, opinions, etc), where signature is > checked once (at receive time), but used/stored forever. And that cannot > be solved by rot

Re: [mailop] DKIM validity period

Dňa 21. decembra 2023 21:26:34 UTC používateľ "Gellner, Oliver via mailop" napísal: >If Google would have published their DKIM private key after it was rotated in >2016, checking the DKIM signature in 2020 would have proven nothing. Yes, checking that signature in 2020 is pointless. But if you

Re: [mailop] ECDSA DKIM validation?

On Thu, 21 Dec 2023, Stuart Henderson wrote: If you've had to talk someone not very technical through adding a DKIM RSA key to a poorly implemented web interface from some cheap DNS provider that doesn't handle long TXT records, you might feel differently. I take your point but I can only have

Re: [mailop] ECDSA DKIM validation?

> On 21 Dec 2023, at 17:13, John R Levine via mailop wrote: > > On Thu, 21 Dec 2023, Mike Hillyer wrote: >> John Said: >> >>> I'm sure that Google has code somewhere that can validate ED25519 >>> signatures. But that does not mean that it would be a good idea for them >>> to use that code in