Storing RSA Private Keys in DNS TXT Records?

15 pointsposted 9 months ago
by olamoskae
(reconwave.com)

10 Comments

yatralalala

9 months ago

Oh wow, just recently started a discussion about this on reddit [0]. Still seems pretty bad idea in all possible scenarios. I don't believe that this "plausible deniability" would be a thing there.

[0] https://www.reddit.com/r/sysadmin/comments/1fn3f25/found_rsa...

ryan-c

9 months ago

I have been doing a daily rotate/revoke/publish routine with my DKIM keys for years, though I do not use the standard private key format for size reasons.

No problems with it, but critically I revoke the public key a few days before publishing the private key.

https://rya.nc/dkim-privates.html

blakesterz

9 months ago

And someone found a good reason for it?

https://www.reddit.com/r/sysadmin/comments/1fn3f25/found_rsa...

  "So yes, in that one specific case it's actually a good idea to publish private keys - albeit expired ones."

yatralalala

9 months ago

Yup, it kinda makes sense, but I agree with other commenters there that plausible deniability is not as strong here.

out-of-ideas

9 months ago

what KittensInc wrote and quoted is basically the lengthly version of what plausible deniability covers. it is just a matter of time before a leak/hack/exploit happens; so ensuring we have edge cases covered is why those priv keys are published. DKIM uses these priv keys to the sender, not to encrypt the payload of the email to make it secret.

rozumbrada

9 months ago

Could the act of publishing private keys to achieve a plausible deniablity actually backfire? If nobody is able to prove that the organisation sent the email, then the organisation is also not able to prove it. It works both ways. So imagine the organisation needs to prove an authenticity of some email because of a legal dispute. By publishing the private keys, it prevented itself from doing that

smitty1e

9 months ago

> If an organisation wants to prevent that, it can rotate DKIM keys and release the old secret keys. This way, any future email with valid signature can be denied as a forgery

OK, so, not the current private key. These are superceded keys made available for hysterical raisins.

hi-v-rocknroll

9 months ago

Hysterical raisins often leads to making offerings at the Homeless Despot seeking cunstain targlide removal persuasion equipment in lieu of using a dainty and delicate 415 IL larder.

TwoNineFive

9 months ago

> We are relieved that hundreds of organisations did not leak their private keys by accident.

It's important to note that the only reason for a business to do this is they are currently or planning on committing crimes and/or embarrassing acts.