[tptacek]

If you want to transfer assurance of the authenticity of an email to someone else, you can do so without DKIM; just sign a timestamp or something. The problem with current DKIM configurations is that it provides that assurance to everybody, including strangers who have no business having it. Which is why the ask here is for Google to do with DKIM what OTR does with MAC keys: burn them periodically, so that only people who have explicitly arranged to share authentication do so.

[yew]

That seems less usable for the average email recipient. Most people who need to prove authenticity to a third party (eg of politically sensitive or offensive messages) aren't techies.

Too, it's easy to imagine not knowing you need proof until some time after you receive an email.

If it isn't usable and enabled by default, it won't be used in practice - for the same reason almost nobody uses PGP.

[Natanael_L]

It's already common to use unsigned documents in court, as long as you can show provenance is legit or if the counterparty is willing to acknowledge authencity.

In fact, it's quite common that the issue over unsigned documents in court is the interpretation, not authencity.

I think the issue of having to teach users how to opt in to signing emails in potentially controversial cases is preferable to having to teach them how to handle email communications that are permanently provable (for starters, never ever again leave out a quote and never ever write ambiguously).