by brightball 3404 days ago
I'm just spitballing here so hopefully someone will correct me if I'm wrong but...

With SSL the key exchange happens because you are trying to connect to a specific IP address with an encrypted connection. The cert is issued for the domain you say you're trying to access, vouched for down the certificate chain by certificate authorities that your client can check and warn you about. You get to the IP by connecting to a DNS server to get the address. So even if somebody had the key, they've got to get you to visit their IP with it, and the second it's discovered that the key has been stolen the CA can revoke it.

With DKIM you have a key without that entire chain of authentication and all it does is give a receiving email server a place to look to see if the message has been changed in transit, with the key. Anybody with that key can send messages claiming to be from your domain and instead of you having to seek them out, they get to send directly to you, so the risk is much higher and the only equivalent of having a CA to void the key is key rotation.

That's why DKIM and SPF (with DMARC) work well together because SPF will at least let you specify authorized origin servers...with the downside being that it breaks forwarders when strictly enforced so a lot of people don't like it and opt to rely on DKIM only.

1 comments

Why do you need a CA when you control the domain? If somebody can take over your domain, you or the receiver has a bigger problem. I'm not sure what you get with key rotation that you would not get with using proper length keys.

If somebody gets the original key by any means, they can impersonate your domain in emails because the corresponding public key is sitting in your DNS to validate the message unless you change it. The length of the key only reduces the chance of finding it by brute force. If anybody gets a hold of the key by any other means (compromised mail server or other vulnerability) they can still impersonate you no matter how long the key was...because they'll have it.

If the length of the key affects the time it would take to crack it, rotating the keys gives them a usage window so you'd have to be able to crack / obtain it within that window of time for it to be useful.

For many sites this probably doesn't seem like a big deal. For sites that deal with heavy phishing attempts though, these precautions are really important.

I'm still not convinced. If somebody breaks 2048-bit we all have bigger problems. And if somebody compromises your mail server I assume you would like to know and not only let the keys rotate via cron and call it a day.

Either way, when you can solve the problem with an extra DNS entry it's a better solution.
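
The thread's point about rotating and voiding DKIM keys through DNS, shown as an added example that is not part of the thread or any poster's code: it parses DKIM key records (the TXT value published under a selector), treats an empty `p=` as a revoked key per RFC 6376, and flags RSA keys shorter than a chosen minimum. The selector names, the 2048-bit threshold and the sample keys (filler moduli, not real keys) are constructed for illustration.

```python
import base64

def parse_tags(txt):  # RFC 6376 key record: "tag=value; tag=value"
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = "".join(v.split())  # drop folding whitespace
    return tags

def _tlv(buf, pos):  # read one DER element: (tag, content, next_pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def rsa_bits(p_b64):  # modulus size of the SubjectPublicKeyInfo in p=
    _, spki, _ = _tlv(base64.b64decode(p_b64), 0)
    _, _, pos = _tlv(spki, 0)           # skip AlgorithmIdentifier
    _, bitstr, _ = _tlv(spki, pos)      # BIT STRING wrapping RSAPublicKey
    _, rsakey, _ = _tlv(bitstr[1:], 0)  # [1:] skips the unused-bits byte
    _, modulus, _ = _tlv(rsakey, 0)
    return int.from_bytes(modulus, "big").bit_length()

def selector_status(txt, min_bits=2048):
    tags = parse_tags(txt)
    if not tags.get("p"):
        return "revoked"  # empty p=: verifiers must fail this selector
    if tags.get("k", "rsa") == "rsa" and rsa_bits(tags["p"]) < min_bits:
        return "weak"
    return "active"

def _der(tag, body):  # sample-data helper: encode one DER element
    n = len(body)
    ln = bytes([n]) if n < 128 else bytes([0x81 + (n > 255)]) + n.to_bytes(1 + (n > 255), "big")
    return bytes([tag]) + ln + body

def sample_record(bits):  # constructed key record, modulus is filler bytes
    rsakey = _der(0x30, _der(0x02, b"\x00" + b"\xc3" * (bits // 8)) + _der(0x02, b"\x01\x00\x01"))
    alg = _der(0x30, bytes.fromhex("06092a864886f70d0101010500"))  # rsaEncryption, NULL
    spki = _der(0x30, alg + _der(0x03, b"\x00" + rsakey))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

# Constructed selectors: old key retired, a short key, and the current key.
RECORDS = {"2015a": "v=DKIM1; k=rsa; p=", "2016a": sample_record(1024), "2016b": sample_record(2048)}

def audit(records):
    return {sel: selector_status(txt) for sel, txt in records.items()}

if __name__ == "__main__":
    print(audit(RECORDS))
```

Publishing a new selector alongside the old one and later emptying the old selector's `p=` is the DNS-only rotation the last comment refers to; mail signed with the retired selector then fails verification.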