
A ton of people don’t ever rotate their DKIM keys. If you’re not using email tooling that handles it automatically on a regular basis, it’s an easy thing to do, since it doesn’t expire like an SSL cert.

If anybody gets their hands on the private key (ex-employee, compromised via hack, etc.), then everything will sail through.



You may enjoy this (I believe it was on HN last year): "DKIM: Show Your Privates" [0].

[0] https://rya.nc/dkim-privates.html


I remember it! Solid points all around.
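An added example, not part of the original thread: because a DKIM key has no expiry date, one way to audit rotation is to read the `d=` and `s=` tags from `DKIM-Signature` headers in archived mail and flag selectors that stay in use too long. The 180-day threshold, the sample messages and the assumption that each rotation publishes a new selector name are all illustrative; the observed span is only a lower bound on key age.

```python
import email
from datetime import timedelta
from email.utils import parsedate_to_datetime

def _msg(date, selector):
    # Build a constructed sample message; domain, selector and values are made up.
    return (f"Date: {date}\n"
            f"DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s={selector};\n"
            " h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER\n"
            "From: a@example.com\n\nbody\n")

SAMPLE_MESSAGES = [
    _msg("Mon, 02 Jan 2023 10:00:00 +0000", "mail"),
    _msg("Tue, 05 Mar 2024 10:00:00 +0000", "mail"),
    _msg("Mon, 04 Mar 2024 10:00:00 +0000", "s2024q1"),
    _msg("Mon, 01 Apr 2024 10:00:00 +0000", "s2024q1"),
]

def dkim_tags(value):
    """Parse a DKIM-Signature value (RFC 6376 tag=value list) into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def selector_usage(raw_messages):
    """Map (domain, selector) -> (first_seen, last_seen) using each Date header."""
    seen = {}
    for raw in raw_messages:
        msg = email.message_from_string(raw)
        when = parsedate_to_datetime(msg["Date"])
        for sig in msg.get_all("DKIM-Signature", []):
            tags = dkim_tags(sig)
            if "d" in tags and "s" in tags:
                key = (tags["d"].lower(), tags["s"].lower())
                first, last = seen.get(key, (when, when))
                seen[key] = (min(first, when), max(last, when))
    return seen

def stale_selectors(raw_messages, max_age_days=180):
    """Return selectors whose observed signing span exceeds max_age_days."""
    limit = timedelta(days=max_age_days)
    usage = selector_usage(raw_messages)
    return sorted(k for k, (first, last) in usage.items() if last - first > limit)

if __name__ == "__main__":
    for domain, selector in stale_selectors(SAMPLE_MESSAGES):
        print(f"{selector}._domainkey.{domain}: in use for more than 180 days")
```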



