[tony101]

Letters and emails are private. DKIM does not change that.

This discussion about DKIM is about non-repudiation and the ability to prove that a certain person sent the email.

If you send me a letter, I (or someone else who gains possession of that letter) should be able to prove that you sent the letter and hold you accountable for the contents. DKIM does that for emails.

[tptacek]

If you want to transfer assurance of the authenticity of an email to someone else, you can do so without DKIM; just sign a timestamp or something. The problem with current DKIM configurations is that it provides that assurance to everybody, including strangers who have no business having it. Which is why the ask here is for Google to do with DKIM what OTR does with MAC keys: burn them periodically, so that only people who have explicitly arranged to share authentication do so.

[yew]

That seems less usable for the average email recipient. Most people who need to prove authenticity to a third party (eg of politically sensitive or offensive messages) aren't techies.

Too, it's easy to imagine not knowing you need proof until some time after you receive an email.

If it isn't usable and enabled by default, it won't be used in practice - for the same reason almost nobody uses PGP.

[Natanael_L]

It's already common to use unsigned documents in court, as long as you can show provenance is legit or if the counterparty is willing to acknowledge authencity.

In fact, it's quite common that the issue over unsigned documents in court is the interpretation, not authencity.

I think the issue of having to teach users how to opt in to signing emails in potentially controversial cases is preferable to having to teach them how to handle email communications that are permanently provable (for starters, never ever again leave out a quote and never ever write ambiguously).

[fpig]

The author's suggestion, as I understood it, doesn't prevent this, it only prevents them from doing it beyond a certain point in the future.

If you got an email that warrants "holding someone accountable", you would have plenty of time before the keys are released. So if you receive an email and call the police, nothing would change.

What you couldn't do it save it for years and keep it as blackmail material / until it's politically opportune to use. Of course it's not as clear cut as that, and an email may look harmless at the time, and only later, with more context, you might realize it contains evidence of misdeeds. So even a good faith actor might unknowingly sit on evidence.