The Point:
To make it possible to prove - to the satisfaction of a Court - that either an email was sent or received by named individuals at or before a given date.
The Method:
1 Message between Sender and Recipient cannot be read without a Key which the Sender only gives to Codel and the Recipient can only get from Codel. These transactions are captured to Codel's protected Audit Trail.
2 The software used to create or retrieve these keys is uniquely branded so that we know exactly which software is being used and thus who is sending or receiving the email.
3 We also require both sender and recipient to verify the previous transaction for which the software was used.
How it Proves an Email:
1 The Recipient Request for the Codel Key is made by submitting the fingerprint of a first Key Codel never sees. But it matches the fingerprint the Sender gives to Codel. So Codel is witness to the sharing of the first key.
2 The first key is only sent by the sender once the recipient proves they've received the encrypted message. So the Sender can prove the recipient must have received the message.
3 Codel, therefore, does not directly prove the transmission of the original message, but as it can prove the sharing of the first key, it is "witness" to the agreement between sender and recipient that the original message must have been sent and received.
4 Forcing the recipient to retrieve the final key from Codel allows us to play this witness role and to log the time and date of the transaction we're involved in. This fixes the earliest time and date at which the original encrypted message can be opened and read.
5 The requirement to verify previous transactions deals with the problem of identity theft. This check speeds up the detection of compromised communications and, if no compromise is detected, it builds up increased confidence in the transaction trail and the identity of the person creating those transactions.
