I believe HN should know about the Direct Project email encryption
It uses SMTP to transmit SMIME messages signed with X.509. Public keys for recipients are discovered either via DNS (as a CERT record) or via LDAP. Those discovered certificates are only trusted if the two parties have previously exchanged a trust anchor.
Direct itself does not define how trust relationships are initiated (which is a problem with scalability). So infrastructure is being formed around the protocol - such as HISPs and Trust Communities. HISPs intend to operate similar to how email providers operate - by providing web portals and edge protocols. Trust Communities are intended to create bundles of trust anchors for companies that have passed as certain level of accreditation.
There are currently two fully functional open source Reference Implementations in Java and C#.
http://directproject.org/
http://wiki.directproject.org/
http://wiki.directproject.org/Reference+Implementation+Workgroup
1 comment
[ 3.8 ms ] story [ 17.5 ms ] thread