What's stopping someone from recording each public key as it is entered into ser... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tomc1985 on Nov 16, 2020 \| parent \| context \| favorite \| on: Ok Google: please publish your DKIM secret keys What's stopping someone from recording each public key as it is entered into service and providing a DKIM authentication service with it? There are already such things for domain data.

mspecter on Nov 16, 2020 [–]

Hi! Check out our Usenix 2021 paper on exactly this topic. The key insight is to release private keys over time:

http://www.mit.edu/~specter/blog/2020/dkim/

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact