Gmail (and other email providers) could also protect these billions by making the header-stripping change at the server level for everyone.
After all, Green is proposing for them to change their servers anyway, so either way it requires some kind of server change.
The advantage of Green's approach is it gets results quickly because with one change they can protect a lot of emails. But, while quick results are nice, is this problem really so urgent that only the fastest solution should be considered?
Another difference is the set of users who are protected. If you rotate DKIM keys, you protect Gmail users against non-repudiation risks because their outgoing emails become more deniable. But if you strip headers from Gmail users' inboxes, you protect Gmail users against hacking, because now hacking a Gmail account gets you less-valuable data.
Also, publishing old DKIM secret keys will require some distribution method. Where do you actually put them? For a given email provider, where do you go look to find them? It's a solvable problem but it's one that doesn't exist with the header-stripping approach.
Yes, the call isn't for Gmail to kill non-repudiation protections on mail they receive (and that was signed by others); it's to kill it on emails they've signed and that are thus sitting on someone else's server.