Certificates are not worth the paper they are printed on. It is just something nice to show off with and hang in your office. What makes a certificate valid is the organization who delivered it, so you can check it was issued to a person.
I would print the source and the txt DNS record on the same piece of paper. You can then replay the verification anytime (provided there is no UTF8). Or place this information (via a bit of magic scripting) in a third party digital escrow (search for DNS registry escrow for firms who could offer you this service). On 6/18/11 18:16 , "Alessandro Vesely" <[email protected]> wrote: >On 17/Jun/11 20:01, Murray S. Kucherawy wrote: >>> From: [...] On Behalf Of Alessandro Vesely >>> >>> does anybody know about commercial/free DKIM verifiers that produce a >>> certificate of "valid email message", or similar, for archival usage >>> by the requesting party? >> >> What, other than an Authentication-Results field, did you have in mind? > >Dunno. Perhaps a web form where you upload a .eml signed message and >get back a duly signed printable thing certifying that the message >verified. Its semantic content is the same as an A-R field, except >that it cannot be forged. If you exhibit it sometime in 2021, say, it >will still prove that you received the given message from the given >domain on the given date. >_______________________________________________ >NOTE WELL: This list operates according to >http://mipassoc.org/dkim/ietf-list-rules.html _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
