Tutanota: encrypted DANE based mails

emailWe explored ProtonMail and Mailpile in our earlier articles. Tutanota is a new free mailing service that takes security to a new level by using DANE (DNS-based Authentication of Named Entities). While HTTPS just relies on the authenticity of the Certificate Authorities (CAs) issuing the SSL certificates, DANE forces the certificates to be bound to DNS names using Domain Name System Security Extensions, making authentication independent from Certificate Authorities. DANE stores the digital fingerprints of an SSL certificate in DNS, the phone book of the Internet. Mail servers and browsers can automatically verify the authenticity of the certificate before establishing a trusted SSL connection or sending an email via SSL transport encryption. This adds an additional layer of security over HTTPS. Relying only on SSL certificates makes man-in-the-middle attacks all too easy. These attacks are done more often than we think because most users do not notice it. However, DANE needs both the sender and receiver email services to support DANE.

Your mails never leave the server with Tutanota.

Tutanota provides browser plugins to connected securely to their servers. This ensures that a third-party can’t snoop on your data. It supports encrypted emails – the receiver can only view the email by using an agreed upon key. The content of the mail never leaves the Tutanota server, only a notification mail is sent to the recipient to view the email on Tutanota’s server.

Tutanota features at a glance:

  • Uses DANE on top of HTTPS
  • Fully encrypted mails
  • Encrypted email content does not leave Tutanota server
  • Provides DNSSEC/DANE/TLSA browser plugins to connect securely to the servers
  • Doesn’t need personal data to sign up. Just the username and password.
  • Cannot restore password if lost
  • Tutanota can only read sender, recipient and date of email
  • Underwent extensive penetration test by the renowned SySS GmbH and certified
  • Based in Germany
  • Web interface works on all major mobile and desktop browsers
  • Mobile apps coming soon
  • Free email service
  • Open source

The web interface is clean and simple with just the inbox, sent and trash folders. There aren’t too many settings to complicate things and it allows invitations.

If interested, register your Tutanota email ID. It is currently in Beta.


5 thoughts on “Tutanota: encrypted DANE based mails”

Leave a Reply

Your email address will not be published. Required fields are marked *