Microsoft missing public DNS TXT entry for DKIM records (msn.com)
John Levine
johnl at iecc.com
Thu Apr 4 19:27:52 UTC 2024
It appears that Michael Thomas <mike at mtcc.com> said:
>verified and thus not denied. After, there were calls for providers to
>publish their private keys on a regular basis but that went nowhere that
>I've heard of.
$ host -t txt k2402._domainkey.gurus.org
k2402._domainkey.gurus.org descriptive text "v=DKIM1; h=sha256; p=MIIBIj... ; n=Signing=20key=20at=20https://www.iecc.com/dkimkeys/k2402 ;"
That's probably not what's going on here -- maybe they
>just botched a key rollover -- but it still amusing to me that we got
>non-repudiation along for the ride [*].
Well, they could have gotten equally good non-repudiation by not signing at all.
R's,
John
More information about the NANOG
mailing list