Latest posts

architecture

Identity 10: OpenPGP without Web Of Trust

OpenPGP is a powerful technology for signing and encryption, because it does not imply a stiffling key infrastructure. Instead, it uses a Web Of Trust that is flexible... and complicating for new users. We now introduce an approach to securely use OpenPGP without even that.

>> Continue reading <<

architecture

Mail Routing 3: Doing DKIM Perfectly

DKIM is the technology that signs a message and some of its headers at a mail server en route; mostly this is done by the originator of the email. One problem remains that slows down its introduction as a hard filter, and that is email handling that edits the message and then forwards it, as is common for email lists. This article nails the integration of DKIM with forwarding.

>> Continue reading <<

architecture

Mail Routing 2: Doing SPF Perfectly

SPF is the technology that assures that mail only arrives from authentic senders. One problem remains that slows down its introduction as a hard filter, and that is email forwarding. This article nails the integration of SPF with forwarding.

>> Continue reading <<

Hosting

Mail Routing 1: Doing it Well and Not-So-Well

Mail is severely hampered by spam, as we all know. Interestingly, some spam prevention tactics are applied so softly that they work against a reliable mail system. Here is a tale from the crypt.

>> Continue reading <<

TLS

Dissecting TLS for Operational Flexibility

The TLS protocol is usually considered as a black box that somehow bestows security. But like any other protocol, it is a sequence of bits and bytes. This article explains how a bit more depth about the protocol is helpful to understand how it can be split into two dramatically different components; and how this can be incredibly useful from an operational perspective.

>> Continue reading <<