[Cryptography] How to prove Wikileaks' emails aren't altered

grarpamp grarpamp at gmail.com
Thu Oct 27 00:30:38 EDT 2016


On Wed, Oct 26, 2016 at 3:39 PM, Jon Callas <jon at callas.org> wrote:
> This means that in a case where someone has hacked a system, if they have the email stores, they probably also have the DKIM signing key. If they have the DKIM signing key they can create whatever messages they want and sign them, with backdating and anything else they want.

Which is why I Lol'd at Google when Levine noted four years of same
DKIM key use. Google now swaps out their https and other TLS
service keys quarterly or so. Seems they forgot need to do same
for DKIM.

Also haven't looked but I suspect DKIM considers hash over
body message (and possibly other chunks) as optional. In that
case of course body content would be forgeable.
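An added example, not part of the original message, for the body-coverage question above: in RFC 6376 the `bh=` body hash is a required tag, while the optional `l=` tag limits how many body bytes that hash covers. The Python sketch below recomputes `bh=` for a message and reports how much of the body and which headers the signature covers. It does not verify the RSA signature in `b=`, which needs the signer's DNS key. The sample signature, domain and bodies are constructed.

```python
import base64
import hashlib
import re

def parse_tags(value: str) -> dict:
    """Split a DKIM-Signature header value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", val)  # drop folding whitespace
    return tags

def canon_body(body: bytes, mode: str) -> bytes:
    """Body canonicalization, RFC 6376 sections 3.4.3 (simple) and 3.4.4 (relaxed)."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":  # collapse runs of spaces/tabs, strip them at line end
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":  # ignore trailing empty lines
        lines.pop()
    if not lines:
        return b"" if mode == "relaxed" else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def body_coverage(sig_value: str, body: bytes) -> dict:
    """Recompute bh= and report what the signature does and does not cover."""
    tags = parse_tags(sig_value)
    mode = tags.get("c", "simple/simple").partition("/")[2] or "simple"
    canon = canon_body(body, mode)
    signed_len = int(tags["l"]) if "l" in tags else len(canon)
    algo = hashlib.sha256 if tags.get("a", "").endswith("sha256") else hashlib.sha1
    digest = base64.b64encode(algo(canon[:signed_len]).digest()).decode()
    return {
        "bh_matches": digest == tags.get("bh"),
        "unsigned_body_bytes": max(len(canon) - signed_len, 0),
        "signed_headers": tags.get("h", "").lower().split(":"),
    }

# Constructed sample, not a real message: the signer hashed 7 body bytes (l=7).
ORIGINAL = b"Hello\r\n"
BH = base64.b64encode(hashlib.sha256(ORIGINAL).digest()).decode()
SIG = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel; "
       f"h=from:to:subject; l=7; bh={BH}; b=PLACEHOLDER")
EXTENDED = ORIGINAL + b"Appended text\r\n"  # body bytes beyond the l= limit

if __name__ == "__main__":
    print(body_coverage(SIG, ORIGINAL))
    print(body_coverage(SIG, EXTENDED))
```

A nonzero `unsigned_body_bytes` means part of the body sits outside the hash, so a valid signature says nothing about that part.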

