People Calyx Partners Policies All inter-data center network traffic encrypted Encourage or enforce protocol layer encryption ... Encourage and enable the use of Tor for anonymity All user data stored on encrypted disks All DNS domains signed with DNSSEC Contact Us Press Coverage Financials and Annual Reports Jobs

Encourage or enforce protocol layer encryption and Forward Secrecy whenever possible

How We strongly encourage the use of protocol level encryption whenever possible. Some of the ways we accomplish this are Secure Socket Layers (SSL), and Transport Layer Security. We also strongly encourage the use of cryptographic algorithms which are capable of Forward Secrecy

Some examples include:

Only allowing SSL-encrypted HTTPS connections on our web sites
Offering Forward Secrecy enabled cryptography algorithms on our web sites
Only allowing SSL-encrypted XMPP / Jabber connections to our public messaging server
Offering Forward Secrecy enabled cryptography algorithms on our public messaging server
Only allowing SSL-encrypted IMAP for email reading
Offering SSL-encryption via StartTLS on our public SMTP mail server
Offering SSL encryption on our public OpenPGP key server

Why Strong encryption and authentication of data serves several purposes. It is a countermeasure against interception. It also tries to authenticate the data - to provide assurance that data really originates from who you think it does.

Caveats Authoritative sources have pointed out flaws in the system of certificate authorities that underpins the trust network. We recognize these short comings and also hope for technical solutions to overcome the weaknesses that have been identified. However in the mean time there aren't a lot of alternatives.