My first exposure to [[public key infrastructure]] was while working in Richardson TX at Nortel. About 1996, the Entrust organization reported into my boss' boss. As sister organizations it was appropriate to check out how we could use their technology and discuss how they could use our technologies. As part of that discussion, I began to study PKI technology – Nortel had secured years before a license to the RSA patents, and were attempting to commercialize the algorithm within an environment of message and file encryption and other services.

The big services of PKI were privacy via encryption, non-repudiation – evidence that only you could have sent the message, authorization – only folks with the appropriate credentials could have access to the engine, integrity – in that there were solid methods for assuring that the message received was the message sent and authentication – validating that only the authentic sender and addressees would be able to read the message.  At the time there was a plugin for Microsoft Outlook so that a message could be secured or checked from within the email application. It also had a standalone application that could bulk encrypt files and folders for storage or transport.

I used the implementation while involved in the company's business development project to acquire Bay Networks, but found it awkward and cumbersome to use for anything other than most extraordinary circumstances requiring tight and strong security, which as a marketing executive were really few and far between for me. Other problems were that it was a crime to possess cryptographic technology in France, so you had to remove the software when traveling through or in France. 

Fast-forward a decade or more, and while touring the exhibits at Lotusphere, I came across RPost.  

RPost has a hosted, client-less [[zero footprint applications]] implementation of PKI that is focused on assuring privacy, integrity, authorization, authentication and non-repudiation for email communications. For Outlook and Notes users there are plugins so they just click to 'register' the message, while for other email clients (Mac Mail, webmail for example) you add .rpost.org to the end of the addressee's email address – so to send to me a registered email, send it to [email protected].

Once the message is sent via registered, you get an acknowledgment  message from the RPost service.  Recipients get an email with a big header that this message is Registered Email and includes a link to understand what that means.

Once the addressee opens the message you get a registered receipt message showing when the message was delivered to the addressee's server and when it was opened as shown in the picture here. 

The receipt also explains how to authenticate the message by emailing the receipt (which contains the hash of the original message) and compares it to the hash on file which was created when the original message was processed by RPost.

The service also offers an encryption capability. Users click on the plugin that they want to encypt the message and the message is processed in the usual way except that the recipient gets an email with a link. Clicking on the link opens a web page that requires an password authentication to see the message over a [[TLS]] session. Details about the encypted access are also available in the usage reporting options.

This service overcomes the limitations of clients and has been proven helpful in reducing paper in insurance, legal and financial services transactions and communications. Also, the service has received court endorsement and even the USPS has acknowledged the superior properties of registered email over regular email.

Digital Signatures

Using the public-private key pair to digitally sign documents has been an important part of the value of PKI, but it has yet to take off. RPost has a solution for this dilemma. They've implemented a click-to-sign feature that when returned to the RPost service provides a zero-footprint digital signature that can withstand any US legal challenge.

RPost has gained market traction in specific high-volume repeatable commercial transactions like college processing of student loans, city government correspondence about property developments, communications with energy providers, shipping company communications and insurance carriers providing notifications to policy holders. Of course, the service is also popular in attorney communications on behalf of and to clients.

Priced at 29¢ – 59¢ per message, and available in enterprise-wide implementations, the service is appropriate for premium applications to enhance the confidence of email communications. No doubt, you'll be seeing a registered email in your inbox short order.

This post has already been read 0 times!