CertifiedEmail: Now with DKIM

When we designed CertifiedEmail, a few years back, there was no suitable standard for digitally signing an email message. Goodmail thus went and used standard components, e.g. RSA for the digital signature, and SHA-1 for hashing a digest, but we were forced to define our own process for combining these components into an authentication layer.

Over the past few years, an email authentication standard emerged: first in the form of DomainKeys, and later, its successor, DKIM.

It was a relatively simple matter for us to substitute DKIM for our original authentication layer. The authentication layer was, and still is, a rather prosaic component of CertifiedEmail. The other security components, the “secret sauce” that made CertifiedEmail the best and the only secure email certification system, remain in place. DKIM-based CertifiedEmail is as secure as the original specification of CertifiedEmail.

By adopting DKIM, not only do we embrace and help further propagate a worthy standard, we also provide our customers with additional value. Beyond the large number of mailboxes operated by providers who agreed contractually to grant privileges to CertifiedEmail messages, senders of CertifiedEmail will now also enjoy improved deliverability with other receivers who value the fact that CertifiedEmail messages are signed by a trusted third party.

You can read the press release (replete with quotes from luminaries and a car safety metaphor) here.