Our work on security makes us deal with a lot of ASN.1 data, mostly
encoded as DER. We designed the Quick DER library to have a
commercial-grade tool to manipulate it... except that it is released
in open source.
Mail was designed as a gullable system, and this is generally abused
by spammers. Fighting spam is a balancing act between failures to
accept and reject. With the more refined identity model of the
IdentityHub, we have new tools to strike a better balance.
OpenPGP is a powerful technology for signing and encryption, because it
does not imply a stiffling key infrastructure. Instead, it uses a
Web Of Trust that is flexible... and complicating for new users. We now
introduce an approach to securely use OpenPGP without even that.
DKIM is the technology that signs a message and some of its headers
at a mail server en route; mostly this is done by the originator of
the email. One problem remains that slows down its introduction as a
hard filter, and that is email handling that edits the message and then
forwards it, as is common for email lists. This article nails the
integration of DKIM with forwarding.
SPF is the technology that assures that mail only arrives from authentic
senders. One problem remains that slows down its introduction as a
hard filter, and that is email forwarding. This article nails the
integration of SPF with forwarding.