User:Ruomini/sandbox/Envelope-Content Splitting (ECS)

Envelope-Content Splitting (ECS) Envelope-Content Splitting (ECS) is a technique for securely sending email without the use of PGP. Besides providing the benefits of secure email, ECS also enables users to edit their emails after sending them, even after the recipient(s) have read them, as well as providing complete protection from spoofing and phishing. ECS supports any pre-existing email addresses, such as Gmail, Yahoo, Microsoft, etc.

The way ECS accomplishes the above is conceptually quite simple: instead of sending the message content through the mail network along with the email headers (the message envelope), the sending mail client sends the content (message body and any attachments) to a secure content server using a secure Web protocol (https), using an assigned content server password which is stored in the sender's device as well as the content server database. Assuming the content server is able to authenticate the sender, the sender's and the recipient(s) email addresses are inserted into the content which is then moved to secure storage. The content server returns pointers, one for the message body and one for each attachment, which the mail client inserts into the envelope. The message is then sent, with a canned message replacing the actual content, to the recipient(s). When the recipient(s) receive(s) the message, the recipient email client then sends a request to the content server, using its own credentials, to fetch the content. Please note that in order to be able to access the content on the content server, the content server must be presented with a content server password; one cannot simply follow the pointers in the envelope to fetch the content.


References

edit
edit