@hanno hang on, *Entrust* was using a Debian weak key for their DKIM signing? That's just made my day.

@hanno very good work indeed. Bravo 👏

@hanno Haha, just clicked the link, to have a good nostalgic read on my train ride about some long forgotten fuckup.
But then it got more and more side tracked into a truly magnificent dumpster fire!
Great work and great story! Loved it =)

@hanno happy anniversary

@hanno @vidister nice writeup! (and full agree on the BIMI comments ;) )

one quick Q: for "By scanning the Tranco Top 1 Million list, I collected 355,055 TXT records" how did you guess/find the selectors, unless you walked dnssec RRs or otherwise was able to dump the RRs?

I wonder why the M&S Food Hall smell is very different to other supermarkets? Most places go for a mixture of vanilla, yeast and leafy, but in M&S it's always a kind of salty, humousy attack-olive kind of smell.

It's a Rolexy LinkedIn kind of smell; an Opportunities for Networking, kind of smell; a Let Me Show You Our New Kitchen kind of smell; a Trap You In A Corner To Talk About AI and Bitcoin kind of Smell.

Such a fearful scent -- M&S so clearly scented Not For Me.

@hanno yes!

Seen that in the wild.

Sadly that's covered by an NDA!

@hanno Possible you could check the DNS records for entries that haven't been modified since 2008.

Would you rather have an email from someone that has no DKIM or a DKIM from 2007?

@hanno@mastodon.social i´m using one of the email providers mentioned- oh no ​:neocat_googly_shocked:​

@hanno I have I scanner for dkim keys... 🤔