On 4 May 2019, at 0:48, Grant Taylor wrote: > On 5/3/19 5:51 PM, Kevin A. McGrail wrote: >> If your key is compromised, generate another and publish it on DNS. > > That requires knowing that the key is compromised. > > It really helps to know that an APT is going on to know that your key has > been compromised. > > The point being there are reasonable circumstances that someone else can DKIM > sign messages as a victim.
This is all true of any authentication mechanism: if control of authenticating credentials is lost, the authentication is worthless. For example, if someone can control the DNS for tnetconsulting.net, they can very likely get Comodo to reissue your S/MIME cert and send it to them instead of you. At that point they can sign mail as you in a manner that normally would be seen as more robust and more reliable than DKIM. BUT: you have an advantage over many victims of DNS compromise in that tnetconsulting.net has implemented DNSSEC. Also, DKIM is potentially less vulnerable to DNS compromise than PKI-reliant X.509 certificates (which DNSpionage & Sea Turtle target) because the protocol is designed to support short-lived keys distributed over DNSSEC so that a compromise of DNS needs to be persistent and stealthy to live longer than a signed TXT record.
signature.asc
Description: OpenPGP digital signature