← Back to context

Comment by jaza

4 years ago

I highly suspect that, in the vast majority of legal proceedings (all but the most high-budget high-stakes ones), all involved simple assume that all the (PDF exports of / hard-copy print-outs of) emails in the case files are genuine. I doubt that the possibility of email tampering even occurs to them.

And, in the minority of cases where it really matters, and where they really suspect foul play, them I'd assume that they rely on numerous bits of technical evidence (proxy copies, CC'ed copies, file system forensics), plus on one person's testimony vs another's, because as you say, DKIM's usefulness is limited.

Isn't that the part of the trial where a lawyer asks a witness or defendant or whoever "Did you on the date X write an email saying "blah"? And the person says yes. That avoids assumptions since no-body challenges it.

  • Similar to how warnings to "stop illegal action X" eliminates "I didn't know it was illegal" arguments (if they continue).