
> Non-repudiation over time is a truly powerful property of DKIM'd email for a great many uses outside of blackmail.

Exactly. If one enters into a contract using an e-mail, then DKIM can be used as a proof to the court of law that the contract was accepted by both sides.



Yes. I have seen first hand where it was used to help accelerate out of court agreement without needing a lawsuit. Basically a 3rd party had one of their Outlook user accounts compromised by a bad actor who used it to tell another company new instructions for something.

The 3rd party tried to say other company fell for a phishing email and it was their fault but because of DKIM it was immediately provable that instead 3rd party was compromised and email legit sent from their o365 and they were pretending like they didn't know this. This all got disputed maybe a year after email sent.

Love Matthew Green but I personally am not a fan of this proposal. It doesn't fully achieve what he wants bc it's only Gmail and timing of compromise would be key. Most of the email hacks have actually been very much in the public interest despite being unethical. Breaches also lead to more productive work by companies in better securing accounts and better protecting sensitive information which Google has been doing with account security and adding expiring messages.

Like do we really want companies to just continue sloppily sending customer info in email bc they can deny it's legit or should they focus on not getting this info compromised to begin with?

Also, for ransomware groups that now post data when not paid, it is not really seeming like too big of a disincentive that there is repudiation regarding the files they post.


If non-repudiation is important to you, then both parties should consent to it and use a platform that explicitly supports it.

It shouldn’t be sprung on people without consent. It would be like saying it’s fine to keep a recording from someone else’s webcam because it might prove a crime later.

There’s a reason why justice systems have statutes of limitations. People should need to look over their shoulders for the rest of their lives because of one poorly written email.


It is not really being sprung on them with how long it has existed. Not at all like continuing recording on a webcam where you might say things never intended for the party receiving it.

Are ppl who don't even know DKIM exists but know they have shady emails saved in the cloud or on their personal really just banking on repudiation and that's why they take no other action like deleting the email or putting more thought into emails they send? Seriously doubt it.

Exactly bc of statute of limitations, they would not have to look over their shoulders for the rest of their lives because of one poorly written email.


Consent needs to be given freely, with knowledge of what you’re consenting to. If it’s not free and knowledgeable, it’s not consent.

I certainly didn’t realise that DKIM can be used as a non-repudiation signature, I’m sure most people using email don’t.

Thus there’s no consent and I would say that non-repudiation has been sprung on me.

The duration has nothing to do with it. Just because you can keep a camera hidden in someone’s room for an extended period of time doesn’t mean it’s ethical or consensual to record them.

Finally statutes of limitations don’t protect people from a trial in social media. Social media is just as capable as the justice system of destroying a person’s life. Unfortunately Twitter doesn’t have a statute of limitations.


I think it is less about user behavior and understanding than it is about the incentives it creates for nefarious actors. Basically, if emails can't be cryptographically verified then stealing a bunch of emails and anonymously dumping them somewhere is pointless since most people would probably not consider them authentic.


> Exactly. If one enters into a contract using an e-mail, then DKIM can be used as a proof to the court of law that the contract was accepted by both sides.

It would make a good TV drama plot, but courts don't work this way in real life. If that were the case, courts wouldn't be able to enforce contracts with wet signatures (which are straightforward to forge), or verbal contracts (which are valid contracts and regularly enforced).

In practice, you don't need to check DKIM in order to use an email as evidence of a contract, because the courts would more likely just use the many other threats and tools at their disposal to ensure that the email is not fabricated.

This is why, even though most contracts are not executed in a cryptographically secure manner, most contract disputes that land before the courts hinge on matters like breach of contract ("we agree on the original terms, but disagree on whether our actions upheld them") or disputes over the intended vs. actual meaning of the contract ("we agree on the text we both signed to, but disagree on the correct interpretation of that text").

Disputes over whether the text of the executed contract is authentic are rare in real life.


> If that were the case, courts wouldn't be able to enforce contracts with wet signatures (which are straightforward to forge)

I'm pretty confident that I could sign an email with a DKIM key if that were published, however, there's nothing that would give me the confidence that I could forge a pen signature in such a way that not even an expert could detect the forgery.

> or verbal contracts (which are valid contracts and regularly enforced).

I'm not a lawyer, but according to the first Google result "the Uniform Commercial Code [...] requires that contracts for the sale of goods over $500 to be in writing".[1]

> Disputes over whether the text of the executed contract is authentic are rare in real life.

Maybe they are rare precisely because it's hard and risky to forge signatures.

[1] https://www.hg.org/legal-articles/are-verbal-agreements-bind...


> the Uniform Commercial Code [...] requires that contracts for the sale of goods over $500 to be in writing

Yes, but not all contracts do that. For example, any contract for services is not covered by the UCC.


I'm not a lawyer, but according to the first Google result "the Uniform Commercial Code [...] requires that contracts for the sale of goods over $500 to be in writing".[1]

In practice, this doesn't seem to mean that every time you buy an iPhone, Apple provides you a paper contract authenticated with an actual verifiable hand-signed signature of an authorised officer.


Not to mention that DKIM only validates that an email was sent with particular content from a particular email address. It cannot ensure who was actually sitting at the keyboard composing the email.


More specifically, DKIM only validates that an email passed through a particular mail server.


Entering a contract via an email is a ridiculous idea from the start.


I don't know about your country, but in mine (The Netherlands), it is a completely and utterly valid way to enter a contract.

Actually, you are free to enter a contract in any way possible. It is vormvrij (translated: form-free). Excluded is the purchase of a house, as far as I know. But for the rest, you are free to come to an agreement via WhatsApp, Facebook, email, or a scrawl on a piece of paper.


In the U.S., many contracts (but not all) can in principle by default be oral and still be enforceable by law.

https://smallbusiness.findlaw.com/business-contracts-forms/w...


So... no need for DKIM


But you need to be able to prove the existence of the contract. Which DKIM would help with.


Then digitally sign it. Sign and scan it. Do not require signing every single email you send to protect 0,1% of them.


Same in Sweden. "Are you okay with paying extra for X?" "Yes, please go ahead."

And that's how a new contract gets signed! No need to fly someone 1500km just for that.


Sure. So why do we need DKIM to authenticate contracts?


Because, without DKIM, a dishonest party can repudiate the email. Just as a written contract is superior to an oral contract, a non-repudiable written contract is superior to a repudiable written contract.


So maybe digitally sign the contracts instead of unwillingly sign every single email you send?


Please explain how I can make a webshop like Amazon digitally sign a contract?


Why do you need Amazon to digitally sign a contract?


Was something unclear in my previous answer, when you asked the exact same thing and I answered your question?


You didn't answer it. In which scenario Amazon would deny sending an email and you would be protected by DKIM?


> In which scenario Amazon would deny sending an email and you would be protected by DKIM?

You want a specific scenario of a dispute between a vendor and a customer? Ok. Let's say I email Amazon's customer support to ask them if a specific order is going to incur customs fees, and the Amazon representative emails me back that the order is not going to incur customs fees. Then I make the order, and to my surprise, I do have to pay customs fees. I contact Amazon to ask them to compensate me for the fees, but Amazon now claims that they are not responsible for customs fees. At this point I would be protected by a copy of the email where they claimed that I would incur no customs fees. If I can demonstrate to Amazon that I have proof of their false claims, prior to the purchase, they will be inclined to compensate. If they refuse to compensate, I can (depending on jurisdiction) take my claim to small claims court and present my evidence there. In this case it's unlikely for anyone to actually validate the DKIM signatures, but it does matter whether email is generally considered to be non-repudiable. If you run a campaign to make email repudiable, and make sure people should know email is repudiable, then this email will be less convincing as evidence.


You can dispute that without DKIM.

How many disputes like that have been resolved with DKIM?


If you run a campaign to make email repudiable, and make sure people should know email is repudiable, then emails will no longer be convincing evidence.


You do realize that email is older than DKIM? And that commerce existed before emails? You don't need DKIM to solve the issues you've pointed out.

Again: How many disputes like that have been resolved with DKIM?


> You do realize that email is older than DKIM?

The original email spec doesn't provide any security against forgeries. The "sent from" field in email is about as secure as the "sent from" field in physical letters. The only reason why laypersons consider email to be non-repudiable is because of additional protocols like SPF and DKIM that were implemented after the original spec. Without these protocols email would be considered repudiable, which OP considers to be a preferable outcome.

> And that commerce existed before emails?

Yes, and? I'm not claiming that all commerce would come to a halt immediately if this campaign for email repudiability was successful. Of course commerce would continue to exist. But the world would be worse off, not better. There would be slightly more disputes, and dishonest parties would increase their chances of defrauding honest parties.

> You don't need DKIM to solve the issues you've pointed out.

Are you alluding to hypothetical alternative protocols for authenticating contracts? If you can make the world move off from email, that's great! Email is horrible! But if you can't make people move away from email, you won't make the world a better place by making email less secure.

> Again: How many disputes like that have been resolved with DKIM?

How many? As in, you expect me to have statistics on it? Are we pretending that when people resolve disputes, they mark their disputes in some kind of global database that we can query for statistics? You're not making any sense.


> The only reason why laypersons consider email to be non-repudiable is because of additional protocols like SPF and DKIM that were implemented after the original spec

You really think that laypersons have any idea of what DKIM is?

> But the world would be worse off, not better.

That's the whole point of this discussion. You seem to be arguing that the world would be better with non-repudiable email. But then I ask how many disputes have been resolved with DKIM and you have no idea. So basically your argument has zero basis in reality.

You're asking for every email user to have non-repudiation enforced unwillingly to them in every email they send so that someone maybe someday may solve some imaginary dispute with Amazon by using DKIM.


> You really think that laypersons have any idea of what DKIM is?

The layperson doesn't have to understand the intricacies of email protocols, it's enough that they consider email to be non-repudiable. This is why a copy of an email typically suffices as "proof" of a contract. If you successfully run a campaign to make email repudiable, then laypersons will no longer consider email to be non-repudiable, and emails no longer suffice as "proof" of a contract. If you disagree with something I said here, can you specify which part it is exactly that you disagree with?

> You seem to be arguing that the world would be better with non-repudiable email.

Yes, the world is better off now, at a time when laypersons consider e-mail to be non-repudiable, compared to a hypothetical future where this is no longer the case.

> But then I ask how many disputes have been resolved with DKIM and you have no idea. So basically your argument has zero basis in reality.

So if I can't give the exact number of times that DKIM has helped in dispute resolution, then my argument "has zero basis in reality"? This doesn't make any sense. If I said that "the existence of courts prevents vigilantes", you could say the same thing: "well what's the exact number of times that the existence of courts has prevented vigilantism? ha! you don't know the exact number! your argument has zero basis in reality then." We could apply your logic to many other scenarios: what's the number of times that existence of guards has prevented prison breaks? What's the number of infections prevented by vaccines? We don't know the exact numbers for any of these things, and yet we can logically deduce that courts prevent vigilantes, guards prevent prison breaks, vaccines prevent infections, and DKIM prevents breaking contracts.

> You're asking for every email user to have non-repudiation enforced unwillingly to them in every email they send so that someone maybe someday may solve some imaginary dispute with Amazon by using DKIM.

Laypersons already believe that emails have non-repudiation property. People are free to use secure messengers to communicate privately. When people choose to communicate with email, they are choosing non-repudiation over privacy. You are the one who is asking to change e-mail protocols so that they would work differently than people currently expect. I'm the one saying e-mail should work like people expect e-mail to work.


> The layperson doesn't have to understand the intricacies of email protocols, it's enough that they consider email to be non-repudiable.

They consider it non-repudiable not because of DKIM, it's just a common misconception. People believed that before DKIM. They will still believe it if Google discloses its DKIM keys.

They totally should not believe it, though.

> So if I can't give the exact number of times that DKIM has helped in dispute resolution, then my argument "has zero basis in reality"?

Of course that's not what I meant, I don't care about exact numbers. Just give me some evidence that DKIM is relevant to solve disputes anywhere else other than in the minds of HN commenters. Otherwise your claim that the world is better off now with non-repudiable email has no basis in reality.

> they are choosing non-repudiation over privacy

They totally are not. They have no idea what are the properties of email. As an example, a non-tech friend of mine was once surprised that email does not provide any confidentiality.


We're discussing a campaign whose goal is to increase the deniability of email. When you say things like "they will still believe [email is non-repudiable] if Google discloses its DKIM keys", you're essentially saying that this campaign will not be successful in its ultimate goal - that even if the campaign manages to get Google to periodically rotate and publish their DKIM keys, it will not achieve the desired effect of increasing the deniability of email. So, you're saying that this campaign is a fool's errand?

I don't have a strong opinion on the chances of success that this campaign has. What I am saying is that if the campaign was successful in increasing the repudiability of email, that would make it easier for people to repudiate emails that they've sent, and that would be a bad thing in the context of resolving disputes. Do you agree?


It's still a terrible idea...


wtf? it happens all the time.

I've raised VC money based on emailed contracts, bought businesses based on them, bought domain names.

It is incredibly standard and legal (in almost all of the jurisdictions I've worked in, which is a lot).


Sure. But what authenticates the contract? Do you sign and scan them?


PDFs with e-signatures are very commonplace now. Have you heard of DocuSign or other similar services?


And so it is the e-signature, not the DKIM that matters.


A signed and scanned PDF is also commonly used, same as an old-school fax-based contract where you sign and send it back. But, yes, the DKIM definitely does not matter for contract purposes.


That's right, we need more travel and in-person meetings now.


I meant: authenticating a contract via email. I guess you sign and scan them?


Would you prefer we use fax machines instead?



