The MailVault FAQ

by J. Orlin Grabbe

[Note: this FAQ only applies to the new MailVault being beta-tested August 2001.]

What is MailVault?

MailVault is a web-based email system intended to make it easy to send and receive encrypted or unencrypted email and to communicate using anonymous email pseudonyms.

How does MailVault relate to other Laissez Faire City products?

Laissez Faire City is committed to developing a privacy infrastructure which will allow individuals and entities to operate in the freedom of cyberspace outside the confines of the traditional nation-state.

To achieve sovereignty, individuals need private and secure communication, private and secure financial transactions, and a capital-raising mechanism to finance their endeavors.

In this context, MailVault is a service making available private and secure communication.

Why isn't my email already private?

Email that is sent in plain (ordinary) text across the Internet can be read by many different parties—if they make the effort to do so. One of these may be your local Internet Service Provider (ISP). It may be curious, or it may have been forced to install Carnivore by the FBI.

Carnivore is a software program that scans email for anything the FBI is interested in. The FBI is the domestic political police arm of the U.S. government—renowned for covering up government crimes, and fabricating evidence against anyone the U.S. government designates as a threat to itself.

Other countries and agencies have similar email surveillance programs.

Unencrypted email can also be read at any of the router nodes that send your email packets along their way across the Internet.

Equally important is how and where you store your email. It is now common in U.S. court cases, for example, to subpoena the email of defendants in everything from divorce proceedings to political and financial fishing investigations.

How does MailVault protect my privacy?

First, when you connect to the MailVault mail server, the connection is encrypted using SSL, the encryption standard for connections between web browsers and web servers. (MailVault requires your browser to have the capability to do 128-bit SSL encryption.)

Thus, no one observing the network connection can see what email messages you download to your computer or send to MailVault, nor can they see your MailVault email identity.

If your MailVault identity is "nobody@MailVault.com", then you can download your email from anywhere in the world over the Internet, without anyone being able to easily associate your real identity with this MailVault email address.

Second, MailVault makes it easy to encrypt email messages before they are sent across the Internet from the MailVault server, or to decrypt encrypted messages received in your MailVault mailbox.

For this, MailVault uses an encryption standard called PGP ("Pretty Good Privacy"). With MailVault you can create PGP public-private key pairs, and also import public PGP keys, or export them to other applications. That means you can send PGP-encrypted email to, and receive PGP-encrypted email from, people who are not customers of MailVault.

Finally, MailVault is a place to securely store email (depending on limitations of space). A secure storage area is important to people who use Internet cafes, or who do not wish to store email on their work or home computer, where the email addresses of their correspondents would be readily observable.

What is the relationship between the new MailVault and previous versions of MailVault?

Essentially, none whatsoever. DMT neither administers nor supports the use of previous versions of MailVault, nor do we recommend the use of products that don't meet the requisite computer security requirements. That includes Hotmail, HushMail, ZipLip, and the Dodge City Nym-to-Nym server.

How do I get a MailVault account?

There are various ways. A basic level of service will be available for free. An enhanced level of service comes with a combination package which includes a Cybercorporation, a MailVault account, and an ALTA account. (Laissez Faire City Founders automatically receive all these initially for free.)

Business details are subject to change, and are not properly included here. But watch the Laissez Faire City Times web site for a link soon to sign up for the new MailVault.

Are there any restrictions on my use of MailVault?

Yes. We are committed to anonymity and privacy, but this commitment includes an expectation of personal responsibility and morality. MailVault shall not be used to make threats of violence, or to engage in frauds or scams. Additionally, MailVault shall not be used to send spam; or to send, receive, or store child pornography. Finally, the MailVault server will not permit connections from a .gov or .mil domain name. (If you are a slave of the nation-state, then humbly beseech your masters to provide you with private email.)

Can you tell me something about the bolts and hinges of MailVault?

Here is a brief outline, along the lines of the old spiritual which goes "the head bone is connected to the neck bone, the neck bone is connected to the back bone" etc.

When you use your web browser—Opera, say, or Netscape Navigator or Internet Explorer—to log in to the MailVault Apache web server running on Linux, your browser and the web server negotiate an encryption key for this session. The key is used to set up an encrypted channel between your browser and the web server. Communication (as well as the just-mentioned key negotiation) follows a security protocol called SSL (www.openssl.org).

After the encrypted channel is set up, you will see the MailVault web pages, which were written in an HTML-embedded scripting language called PHP (www.php.net).

The first thing you may want to do is check your email. When the web server receives this request, it talks to the mail server, which sends, receives, and stores email. The MailVault mail server is one called qmail (qmail.valueclick.com/top.html), which is a secure mail transfer agent. Qmail was written as a substitute for the Sendmail client often included with Unix/Linux, because Sendmail had too many security problems.

The web server fetches email messages from qmail using Courier-IMAP software (http://inter7.com/courierimap/).

Qmail sends, receives, and stores email. When you write an email and send it to the web server, the web server forwards it to qmail, which puts it in a queue for forwarding on its way across the Internet. The email is forwarded after a short random time interval. The time delay is intended to help prevent traffic analysis. (If some agency had the resources to know that you sent an email at 10:43:31, and an email emerged from the MailVault server a few seconds later, it could, by correlation, learn to associate your real identity with the email address of your correspondents.)
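The correlation attack in the parenthesis above, and the effect of the random queue delay on it, can be shown with a small simulation. This is an added example written for this FAQ, not MailVault code, and it models the queue rather than using qmail: a watcher sees only the moments messages leave the server, and guesses the sender by working back from the delay it expects. All traffic here is constructed (200 senders over ten minutes), and the 2-second fixed delay and 0-120 second random delay are assumed parameters, not MailVault's actual settings.

```python
import random


def simulate(n_senders, span_seconds, delay_fn, rng):
    """Constructed traffic: each of n_senders submits one message at a random moment
    within span_seconds, and the server releases it delay_fn(rng) seconds later.
    Returns (submissions, emissions). emissions is sorted by release time, which is
    all a watcher on the server's outbound link sees (the sender id is kept only so
    the watcher's guesses can be scored)."""
    submissions = [(sender, rng.uniform(0.0, span_seconds)) for sender in range(n_senders)]
    emissions = sorted(((s, t + delay_fn(rng)) for s, t in submissions), key=lambda e: e[1])
    return submissions, emissions


def link_by_timing(submissions, emissions, expected_delay):
    """Watcher's best guess: attribute each released message to the submission whose
    time is closest to (release time - expected delay). Returns the fraction of
    messages linked to the correct sender."""
    correct = 0
    for true_sender, t_out in emissions:
        target = t_out - expected_delay
        guess, _ = min(submissions, key=lambda s: abs(s[1] - target))
        if guess == true_sender:
            correct += 1
    return correct / len(emissions)


def anonymity_set(submissions, t_out, min_delay, max_delay):
    """Senders who could have produced a message released at t_out, given that the
    server's delay lies somewhere in [min_delay, max_delay]."""
    lo, hi = t_out - max_delay - 1e-9, t_out - min_delay + 1e-9
    return [s for s, t in submissions if lo <= t <= hi]


def compare(seed=7, n_senders=200, span_seconds=600.0, max_jitter=120.0):
    """Run identical traffic through a fixed 2-second delay and a uniform random
    delay in [0, max_jitter]; return the watcher's linking accuracy and the mean
    anonymity-set size for each."""
    results = {}
    for name, delay_fn, lo, hi in (
        ("fixed", lambda r: 2.0, 2.0, 2.0),
        ("random", lambda r: r.uniform(0.0, max_jitter), 0.0, max_jitter),
    ):
        rng = random.Random(seed)  # same seed, so both runs share the submission times
        subs, ems = simulate(n_senders, span_seconds, delay_fn, rng)
        mean_set = sum(len(anonymity_set(subs, t, lo, hi)) for _, t in ems) / len(ems)
        results[name] = {
            "accuracy": link_by_timing(subs, ems, (lo + hi) / 2),
            "mean_anonymity_set": mean_set,
        }
    return results


if __name__ == "__main__":
    for name, r in compare().items():
        print(f"{name:6s} delay: watcher links {r['accuracy']:.0%} of messages, "
              f"mean anonymity set {r['mean_anonymity_set']:.1f}")
```

With a fixed delay the watcher links every message and each release has exactly one possible sender; with the random delay the set of possible senders grows to roughly the number of messages submitted during the jitter window, and the watcher is reduced to guessing among them. The protection therefore depends on there being enough other traffic inside the window, which is the reason a busy shared server hides a sender better than a quiet one.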

Of course, the central purpose of MailVault is to make it easy to send and receive encrypted email, to import and export keys, and to operate under different email identities or nyms. For this purpose there are three additional pieces to MailVault — a client database, a key server, and a crypto engine. In short, the client database keeps client info such as passwords, the keyserver keeps PGP public keys, and the crypto engine encrypts and decrypts email.

When you first login to MailVault, you enter a Username and Password. These are checked in the client database against a validation list. Associated with your login Username are various email aliases — email names you may wish to use for Internet correspondence.

The web server and the client database talk to each other using a language and protocol called XML-RPC (www.xmlrpc.com). (For those who care, XML — eXtensible Markup Language [www.w3.org/xml/] — is the practical subset of SGML, or Standard Generalized Markup Language [www.w3.org/sgml/], of which the world-wide web's HTML is one example; RPC is Remote Procedure Call — a way for different computer processes or applications, even ones running on different computers under different operating systems, to call each other's procedures and pass each other parameters — that is, to share variables, subroutines, functions, processes, etc.)

We've written a security-enhanced version of XML-RPC, aided by the XML-RPC library of Dan Libby and Joyce Park (xmlrpc-epi.sourceforge.net).
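The login check described above, carried as an XML-RPC exchange between the web server and the client database, looks like this in Python's standard xmlrpc.client module. This is an added example, not MailVault's code and not its security-enhanced XML-RPC; the method name client.validateLogin, the usernames, passwords and aliases are all constructed, and the choice to keep a salted PBKDF2 hash in the validation list rather than the password itself is this example's assumption, since the FAQ does not say how the client database stores passwords.

```python
import hashlib
import hmac
import os
import xmlrpc.client
from typing import Optional

METHOD = "client.validateLogin"  # hypothetical method name; the FAQ does not give one


def password_record(password: str, salt: Optional[bytes] = None):
    """Salted PBKDF2-SHA256 hash of a password. Storing this instead of the password is
    an assumption of this example, not a description of the real client database."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed validation list and alias table (not real MailVault data)
VALIDATION_LIST = {"jorlin": password_record("correct horse battery staple")}
ALIASES = {"jorlin": ["nobody@MailVault.com", "somebody@MailVault.com"]}


def marshal_call(method: str, params: tuple) -> str:
    """What the web server puts on the wire: an XML-RPC <methodCall> document."""
    return xmlrpc.client.dumps(params, methodname=method)


def clientdb_handle(request_xml: str) -> str:
    """Client-database side: parse the call, check the validation list, and answer
    with a <methodResponse>, or a <fault> for any call it does not understand."""
    params, method = xmlrpc.client.loads(request_xml)
    if method != METHOD or len(params) != 2:
        return xmlrpc.client.dumps(xmlrpc.client.Fault(1, f"unsupported call {method!r}"))
    username, password = params
    record = VALIDATION_LIST.get(username)
    # Hash even for unknown usernames, so response timing does not reveal which exist
    salt, stored = record if record else (b"\x00" * 16, b"\x00" * 32)
    _, candidate = password_record(str(password), salt)
    valid = record is not None and hmac.compare_digest(stored, candidate)
    reply = {"valid": valid, "aliases": ALIASES.get(username, []) if valid else []}
    return xmlrpc.client.dumps((reply,), methodresponse=True)


def login(username: str, password: str) -> dict:
    """The round trip as the web server sees it. The link between the two processes
    is assumed to be the encrypted channel the FAQ describes; XML-RPC itself adds none."""
    response_xml = clientdb_handle(marshal_call(METHOD, (username, password)))
    (reply,), _ = xmlrpc.client.loads(response_xml)
    return reply


def is_fault(response_xml: str) -> bool:
    """True if the client database answered with an XML-RPC fault."""
    try:
        xmlrpc.client.loads(response_xml)
    except xmlrpc.client.Fault:
        return True
    return False


if __name__ == "__main__":
    print(marshal_call(METHOD, ("jorlin", "<password>")))
    print(login("jorlin", "correct horse battery staple"))
```

Because the password travels inside the XML document, the wire format offers no secrecy of its own: everything that protects it is the channel between the two processes, which is why the FAQ pairs XML-RPC with an encrypted connection. The fault path matters too, since the client database should answer an unexpected method name with a fault rather than attempting it.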

When you indicate your wish to encrypt an outgoing email, you click the appropriate button in MailVault. Instead of sending your email immediately to qmail, the MailVault web server instead sends it first to the crypto engine. The web server and the crypto engine also talk to each other using XML-RPC, described previously. Now, just as there is secure communication between your web browser and the web server, so is there secure communication between the web server and the crypto engine. Your email is automatically encrypted all the way from your web browser to the crypto engine. There the crypto engine turns your email back into plain text in order to PGP encrypt it. It then sends the PGP-encrypted message back to the web server, which sends it to qmail for forwarding.

When the crypto engine encrypts email to one of your correspondents, it must use that correspondent's public key. The crypto engine goes to the keyserver to get it. The keyserver uses PGP Public Key Server software written by Marc Horowitz of MIT (www.mit.edu/people/marc/pks/pks.html).

PGP private keys are stored in a separate keyserver database running on software developed in-house by DMT and Laissez Faire City. The crypto engine accesses a private key when it is necessary to decrypt a PGP-encrypted email sent to a MailVault client, or to PGP-sign an outgoing email.
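The key handling described in the FAQ (importing and exporting PGP public keys, above under "How does MailVault protect my privacy?", and the split between a public keyserver and a separate private-key database here) rests on the ASCII-armored format PGP uses to move keys between applications. The example below is added for this FAQ and is not MailVault, PKS or PGP code: it implements the armor encoding with its CRC-24 checksum and a walk over OpenPGP packet headers (both as specified in RFC 4880), and uses them for the check a public keyserver would want on import, rejecting corrupt blocks and blocks that contain secret-key packets. The sample packets are constructed placeholders with the right headers, not real key material.

```python
import base64

# OpenPGP packet tags (RFC 4880 section 4.3) that matter for a key import
PUBLIC_KEY_TAGS = {6: "public-key", 14: "public-subkey"}
SECRET_KEY_TAGS = {5: "secret-key", 7: "secret-subkey"}


def crc24(data: bytes) -> int:
    """CRC-24 from RFC 4880 section 6.1 (generator 0x864CFB, initial value 0xB704CE)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor(data: bytes, block_type: str = "PGP PUBLIC KEY BLOCK") -> str:
    """Export: wrap binary packets in radix-64 armor with a trailing '=' CRC line."""
    body = base64.b64encode(data).decode("ascii")
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    crc_line = "=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode("ascii")
    return "\n".join([f"-----BEGIN {block_type}-----", "Version: example armor", ""]
                     + lines + [crc_line, f"-----END {block_type}-----", ""])


def dearmor(text: str):
    """Import: strip the armor, verify the CRC, return (block type, binary packets)."""
    lines = [line.rstrip("\r") for line in text.strip().split("\n")]
    if not lines[0].startswith("-----BEGIN ") or not lines[-1].startswith("-----END "):
        raise ValueError("missing armor header or footer")
    block_type = lines[0][len("-----BEGIN "):-5]
    if "" not in lines:
        raise ValueError("missing blank line after armor headers")
    payload = lines[lines.index("") + 1:-1]
    if not payload or not payload[-1].startswith("="):
        raise ValueError("missing CRC line")
    data = base64.b64decode("".join(payload[:-1]), validate=True)
    expected = int.from_bytes(base64.b64decode(payload[-1][1:]), "big")
    if crc24(data) != expected:
        raise ValueError("CRC-24 mismatch: armored block is corrupt or altered")
    return block_type, data


def packet_tags(data: bytes):
    """Return the tag of every packet in data, parsing old- and new-format headers
    (RFC 4880 section 4.2). Partial and indeterminate lengths are not handled here."""
    tags, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError("invalid packet header")
        if ctb & 0x40:  # new format: tag in low six bits, length in 1, 2 or 5 octets
            tag, first = ctb & 0x3F, data[pos + 1]
            if first < 192:
                length, hdr = first, 2
            elif first < 224:
                length, hdr = ((first - 192) << 8) + data[pos + 2] + 192, 3
            elif first == 255:
                length, hdr = int.from_bytes(data[pos + 2:pos + 6], "big"), 6
            else:
                raise ValueError("partial body lengths not supported in this example")
        else:  # old format: tag in bits 2-5, length-type in the low two bits
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported in this example")
            nbytes = 1 << ltype
            length, hdr = int.from_bytes(data[pos + 1:pos + 1 + nbytes], "big"), 1 + nbytes
        tags.append(tag)
        pos += hdr + length
    if pos != len(data):
        raise ValueError("truncated packet")
    return tags


def import_public_key(armored: str) -> bytes:
    """Keyserver-side import check: accept only a public-key block that starts with a
    public-key packet and carries no secret-key packets anywhere."""
    block_type, data = dearmor(armored)
    if block_type != "PGP PUBLIC KEY BLOCK":
        raise ValueError(f"not a public key block: {block_type}")
    tags = packet_tags(data)
    if any(t in SECRET_KEY_TAGS for t in tags):
        raise ValueError("refusing to import secret-key material into the public keyserver")
    if not tags or tags[0] not in PUBLIC_KEY_TAGS:
        raise ValueError("block does not start with a public-key packet")
    return data


def build_packet(tag: int, body: bytes) -> bytes:
    """New-format header with a one-octet length, for constructing sample packets."""
    assert len(body) < 192
    return bytes([0xC0 | tag, len(body)]) + body


# Constructed samples: version-4 style bodies filled with placeholder bytes, not real keys
SAMPLE_PUBLIC_KEY = (build_packet(6, b"\x04\x3b\x60\xa8\xe0\x01" + b"\x00" * 20)
                     + build_packet(13, b"nobody@MailVault.com"))
SAMPLE_SECRET_KEY = (build_packet(5, b"\x04\x3b\x60\xa8\xe0\x01" + b"\x00" * 40)
                     + build_packet(13, b"nobody@MailVault.com"))
```

The CRC only catches accidental corruption; it is not a signature, so a keyserver still cannot tell from the armor alone who submitted a key, which is why key fingerprints have to be compared out of band before a correspondent's key is trusted. Refusing secret-key packets on import is the cheap guard for the separation the FAQ describes: public keys belong in the keyserver, private keys only in the separate database the crypto engine consults.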


-30-

from The Laissez Faire City Times, Vol 5, No 34, August 20, 2001