[jabart]

Doing this only provides deniability in public. If this was brought to a court there are enough server logs to build out if that DKIM record was valid along with a number of DNS history providers.

[singpolyma3]

As if courts care about any of that. They'll just ask the witness "did you send this email"

[speerer]

Counter-example: I've used DKIM as evidence in court.

[withinboredom]

Counter-example example: I've been an expert witness in court to prove an email was a forgery; using DKIM.

[speerer]

It'd be funny if we were working together and just telling the same story behind our aliases.

[withinboredom]

My case was a family court dispute where one parent forged an email from the other parent about the child's care. It was a pretty wild case. After that, I was pretty convinced some people are just evil.

[Groxx]

Yea, stuff with kids involved sometimes makes it SUPER unambiguous. Some people are very clearly willing to do anything to anyone, and are doing so as much as possible.

[andriesm]

Most people are not aware of what it means to be sociopath/psychopath/Anti-social personality disorder... Or how common it is in the population (a few percentage points seems reasonably accepted) - Why is this information not made general knowledge?

I would argue it should be taught in schools.

It's a basic life skill, to be aware of what it means and how common it is. How do you function in society being oblivious of these facts? Basically by perennially becoming a victim to these, or by becoming bitter.

Just knowing about it is half the battle.

I would also add other dark personality types with potential to cause you real harm to the list - BPD and NPD.

School yourself, save yourself a whole lot of bad surprises. Over a lifetime being aware of the existence of these means you are on the lookout for warning signs, and you learn to get better at picking up on warning signs faster.

[cbozeman]

That would be a counter-counterexample, wouldn't it?

[inopinatus]

The stacking of either term is unnecessary, because all counter-examples are also examples, thus:

* an example supporting the counter-example is simply another counter-example, and

* an example contradicting the counter-example is, by definition, also another counter-example.

Corollary: all examples that can be opposed or contradicted by counter-examples are themselves also counter-examples.

[jonas21]

Nah, it supports the counter-example, so it's a counter-example example.

[singpolyma3]

I'd say it refutes the counter-example. The court doesn't care about DKIM, they care about witness testimony.

DKIM might have convinced the witness sometimes though.

[jillyboel]

Which is why you say "No". Then when they try to prove that you did in fact send it, this comes up.

[qingcharles]

Well, if you did send it then you just perjured yourself, so you better hope you don't get caught :)

[jillyboel]

You'd be lying to the court either way if you did send it and meant to conceal it.

[irrational]

https://xkcd.com/538/

[danesparza]

The same is true for breaking into a building. An expensive lock won't protect you against a determined attacker.

[SmellTheGlove]

Right. There’s generally going to be other evidence. Rotating the DKIM isn’t going to save anyone relying on the shaggy defense.

[tptacek]

This isn't about evidence. In a court case, discovery and court orders can authenticate email messages even if providers publish their keys; the provider will have a record of having verified the email when it was received. But ATO attackers will not have access to those records.