> I think the entire point is that non-repudiation shouldn't just magically happen unless intended, so yes, this is by design, and anyone who wants to send a signed email should explicitly send a signed email.
Let's not pretend that the world would move away from email if Google made this change. We both know that's not going to happen. Given that, can you explain why you think the world would be a better place when emails can be repudiated? When emails can be not be repudiated, innocent people can be framed for saying/doing things that they didn't do. DKIM protects innocent people from being framed. DKIM also protects innocent people against guilty people who commit frauds or other crime.
Nobody's talking about the world moving away from Google. We're talking about the world simply not having non-repudiation built into email. A sender of an email doesn't owe you non-repudiation as a feature. Sorry if you think otherwise. Senders can add non-repudiation as a feature if they want to, which satisfies your purchase receipt scenario.
> Nobody's talking about the world moving away from Google. We're talking about the world simply not having non-repudiation built into email. A sender of an email doesn't owe you non-repudiation as a feature. Sorry if you think otherwise. Senders can add non-repudiation as a feature if they want to, which satisfies your purchase receipt scenario.
Please explain to me how I can make Amazon (or any other webshop) add non-repudiable contracts to their order flow? That's right, I can't. And no, I don't think that Amazon "owes" me non-repudiable emails, but now that we have non-repudiation by accident, it's certainly nice to have, and the world would be worse off if we removed that feature and replaced it with nothing.
You can't force their DKIM signatures to be good forever either. You're basing some sense of security on a cryptographic property that simply isn't true. Would the world be worse off if you couldn't rely on DKIM signatures indefinitely? I don't know, are we worse off? Because whether you accept it or not, that's the exact situation we're in now.
So if something does not provide a perfect guarantee, it's "nothing"? You realize that handwritten signatures on a paper contract do not provide a perfect guarantee either? Signatures can be forged. And the paper is not going to remain in perfect condition forever; at some point in the future the paper is going to decay. Does that mean we can never know anything about anything? No. Of course we can have evidence about events which occurred in the world, even if the evidence doesn't provide a 100% guarantee of something, indefinitely. For example, a handwritten signature on a paper can be imperfect evidence that the contract took place, or a DKIM signature on an email can be imperfect evidence that the email is not a forgery.
First, "innocent people can be framed" is not that simple.
Without non-repudiation, you don't automatically get to frame someone for whatever. You need to provide the usual (non-DKIM) evidence of whatever you're claiming.
And even with non-repudiation, you can still try and frame someone. Not having the DKIM signature might be suspicious in some circumstances, but it doesn't eliminate the possibility.
Yes, I agree we should have secure private messengers. But that has nothing to do with this discussion. First off, email is not a secure private messenger. Second, email would not become "more secure" by removing the accidental, partial non-repudiation that DKIM provides. Third, this comment chain that you are replying in right now is about whether there exists any legitimate need for a third party to authenticate emails with DKIM after the emails have been sent. tptacek claimed that no such legitimate need exists. I've been arguing against this with a specific counter-example.
"with DKIM" is the part of your argument you've failed to back up. Yes, you have a counter-example that requires authenticated emails. You don't have one that requires authenticating emails with DKIM.
> "with DKIM" is the part of your argument you've failed to back up. Yes, you have a counter-example that requires authenticated emails. You don't have one that requires authenticating emails with DKIM.
That's because we aren't discussing a proposal to switch from DKIM authentication to a different method of authentication. We're discussing a proposal to abandon the partial non-repudiation property that's accidentally provided by DKIM, and replacing it with nothing.
> I'd argue that we currently have that "nothing" and are just trying to be explicit about it.
If you want concrete examples of how the partial non-repudiation property provided by DKIM is not "nothing", you have to look no further than the examples provided in OP.
And yet all of those examples go poof very, very easily, based on something that's not in your control. So yeah, I think they're nothing.
Let me give you a scenario to consider. At my old company, there was a mail server that would DKIM-sign everything that was passed through it. Anybody who wanted to on the internal network could write an email with tampered headers (say, backdated, or "From:" someone else) and send it through this server. This was acceptable because the SOLE PURPOSE of this signing was improving SMTP deliverability. It tells other mail servers "yes, this SMTP payload actually originated from this company. Please do not treat it as spam." So given one of these signed messages, what can you argue about the contents? Nothing, other than "these did not come from a random spammer posing as this company."
You run risks when you assume a signature means something that the signer does not actually intend it to mean.
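What a DKIM signature on a message covers, as an added example that is not part of any comment in this thread: the sketch below reads the `DKIM-Signature` tags defined in RFC 6376 and reports the signing domain, the headers listed in `h=`, the headers left outside the signature, and the `x=` expiry. The message, selector and `PLACEHOLDER` values are constructed, and the code does not verify the signature itself.

```python
import email
from email.utils import parseaddr

# Constructed sample: bh=/b= are placeholders, example.com is not a real sender.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com;
 s=mail2020; t=1605000000; x=1605604800; h=from:to:subject;
 bh=PLACEHOLDER; b=PLACEHOLDER
From: Alice <alice@example.com>
To: bob@example.net
Subject: Order confirmation
Date: Tue, 10 Nov 2020 09:20:00 +0000
Reply-To: someone@example.org

Body text.
"""

def parse_tags(value):
    """Split a DKIM-Signature value into tag=value pairs (RFC 6376 tag-list)."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def signature_scope(raw):
    """Report what a DKIM signature on this message covers. Does NOT verify it."""
    msg = email.message_from_string(raw)
    tags = parse_tags(msg["DKIM-Signature"])
    signed = [h.lower() for h in tags.get("h", "").split(":") if h]
    present = {k.lower() for k in msg.keys()} - {"dkim-signature"}
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    d = tags.get("d", "").lower()
    return {
        "signing_domain": d,                 # the only identity the key speaks for
        "selector": tags.get("s"),           # names the DNS key record, which can be rotated
        "signed_headers": signed,
        "unsigned_headers": sorted(present - set(signed)),
        # Simplified alignment: exact match or subdomain of d= (no public suffix list).
        "from_aligned": from_domain == d or from_domain.endswith("." + d),
        "expires": int(tags["x"]) if "x" in tags else None,
        "body_fully_covered": "l" not in tags,  # l= limits how much body is hashed
    }

if __name__ == "__main__":
    for field, value in signature_scope(SAMPLE).items():
        print(f"{field}: {value}")
```

Even with every field favourable, the result identifies the domain whose key signed the message, not the person who typed the `From:` or `Date:` values handed to the signing server.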