Integrating security services with the automatic processing of e-mail content

Digital signature can be associated with Internet messages in order to guarantee authentication, message integrity and non-repudiation of origin. Verification of incoming digitally signed messages is a critical operation requiring careful attention. Usually e-mail clients (receiving agents) implement this function on behalf of the end-user. If the verification process is not successful, the client alerts the user. When e-mail messages (i.e. electronic forms) are used to request services of a provider, the automatic processing of message content speeds up data processing, reducing human error as well. In this context, signature verification by e-mail client could become a system bottleneck, thus justifying an automatic verification system. In this work we briefly describe our experience in designing and implementing software in order to automate the verification process of signed e-mail. The system has been designed to simplify the registration of Internet domains under the .IT Top Level Domain.