Posts in 'architecture'

architecture

Identity 10: OpenPGP without Web Of Trust

OpenPGP is a powerful technology for signing and encryption, because it does not imply a stiffling key infrastructure. Instead, it uses a Web Of Trust that is flexible... and complicating for new users. We now introduce an approach to securely use OpenPGP without even that.

>> Continue reading <<

architecture

Mail Routing 3: Doing DKIM Perfectly

DKIM is the technology that signs a message and some of its headers at a mail server en route; mostly this is done by the originator of the email. One problem remains that slows down its introduction as a hard filter, and that is email handling that edits the message and then forwards it, as is common for email lists. This article nails the integration of DKIM with forwarding.

>> Continue reading <<

architecture

Mail Routing 2: Doing SPF Perfectly

SPF is the technology that assures that mail only arrives from authentic senders. One problem remains that slows down its introduction as a hard filter, and that is email forwarding. This article nails the integration of SPF with forwarding.

>> Continue reading <<

architecture

Using SASL with HTTP, Mail and LDAP in Nginx

All our work on identity must somehow end up benefiting applications. One of most interesting bits of software to do this is a frontend proxy. As so often, we find a few parts missing to complete our vision of a better-unified Internet.

>> Continue reading <<

architecture

NGI 2: The poverty of HTTP

Give a technician a hammer, and soon she'll see nails everywhere. Why use other tools, if a hammer works so well? This is pretty much the position that HTTP is in, and this is far from well-deserved. A healthy Internet requires a plethora of protocols, all optimised for their particular purposes.

>> Continue reading <<