My final thought on DKIM after reading 12,000 opinions on HN:

It appears that many opinionated Internet users feel that DKIM non-repudiability is an essential feature that is basically indispensable for email users. 1/
They feel this because they think DKIM allows them to prove the authenticity of email, and that’s useful. (Other users note that DKIM’s non-repudiability is NBD because it doesn’t prove that an email comes from a specific sender. This seems weirdly incompatible, but HN. 🤷‍♂️) 2/
Based on this new understanding - that many people on the Internet view a DKIM signature by Google as basically indisputable legal proof that an email is authentic - my revised thinking is that Google really needs to step up its game. 3/
After all, if we’re going to build an entire legal and social regime around the idea that Google DKIM signatures are a source of truth, we need to know a lot more about how Google is securing its signing keys. There had better be HSMs and rotation and all sorts of assurances. 4/
Right now for all I know, Google employees leave those signing keys lying around the office on USB sticks. That’s going to have to stop. These keys are supporting our entire legal framework. 5/
Anyway, I can’t help thinking that most of the features that HN wants — basically, non-repudiability and notarization for email — would be best served by using a dedicated third party service, one that provides actual guarantees. There’s even a great little HN startup idea in it. //
You can follow @matthew_d_green.