> As a follow up, several people point out that it could happen to me or a family member, but this seems even further reason to have DKIM so that if someone attempts to blackmail me based on the contents of my email, checking the DKIM signature makes it even easier to disprove a bad blackmail attempt.
I think his point is that the DKIM signatures could be used to verify that you did, in fact, send something worth being blackmailed over, rather than having the plausable deniability of saying that your DKIM private key from that period is already public and thus could be forged.
Which, to me, sounds similar to the classic XKCD "Theoretically, I use 2048bit RSA encryption and the hackers can't get my data. In Reality, they just beat me with a hammer until I give up the password." Maybe a public DKIM argument would hold up in court, but if we're just talking reputation blackmail among family and friends, it aint it chief.
I think his point is that the DKIM signatures could be used to verify that you did, in fact, send something worth being blackmailed over, rather than having the plausable deniability of saying that your DKIM private key from that period is already public and thus could be forged.
Which, to me, sounds similar to the classic XKCD "Theoretically, I use 2048bit RSA encryption and the hackers can't get my data. In Reality, they just beat me with a hammer until I give up the password." Maybe a public DKIM argument would hold up in court, but if we're just talking reputation blackmail among family and friends, it aint it chief.