EmailXT message flow
With EmailXT, many different types of messages circulate on the email pipeline in addition to your regular messages. These other types of messages are called "System Messages". System Messages take care of the tedious job of setting up or revoking relationships, reporting errors or acknowledging message reception.
So how do these messages flow? What is their sequence?
As usual, lets call our friends Alice and Bob.
Alice wants to relate with Bob, but only has his EmailXT address.
In this scenario, she has to ask for a relationship. Her email software sends Bob a Relationship Request message. This message contains basic details about Alice, and also her public encryption key.
Bob's email software receives Alice's request message. Without Bob's intervention, the email software creates a Relationship Challenge message. This message contains a challenge that Alice must solve to prove that she really wants to relate with Bob. Along with the challenge goes Bob's public encryption key. Messages from now on are sent encrypted.
Alice's email software receives Bob's challenge message, decrypts it and shows it to Alice. Alice must then solve Bob's challenge. The email software keeps the response and creates a Relationship Response message. The message is sent back to Bob, along with Alice's relationship keys.
Bob's email software receive's Alice's response message. It silently checks the response against the stored challenge. If the response is OK, the email software creates a Relationship Acceptance message and sends it back to Alice along with Bob's relationship keys. If the response is wrong, an Error message is sent.
Alice's email software receives the Relationship Acceptance message, keeps the relationship keys in the address book and notifies Alice. Both Alice and Bob can now securely email each other anytime they want.
Alice sends a regular message to Bob. This message is specifically targeted at Bob and only he can read it.
Bob's email software receives the message and issues a Return Receipt, acknowledging the reception of Alice's message. The Return Receipt is sent back to Alice.
Alice's email software receives the Return Receipt and marks Alice's sent message as sucessfully delivered.
Alice wants to relate with Bob, and knows one of his passcodes
In this scenario, she will also ask for a relationship. But this time, the passcode is sent in the Relationship Request message, along with Alice's basic details and her public encryption key.
Bob's email software receives Alice's request and checks for the validity of the passcode. If the passcode is valid, Bob's software immediately issues a Relationship Acceptance message with Bob's public encryption key and relationship keys and sends it to Alice.
Alice's email software receives Bob's message and also issues a Relationship Acceptance message with Alice's relationship keys.
A valid relationship is now established between them.
Alice has Bob's passcode and wants to send him a message immediately, without establishing a relationship
In this case, Alice just sends Bob a message, using the passcode as the encryption key.
Bob's email software receives Alice's message and, although she is not a recognized contact, her message could be decrypted using a valid passcode. In that case, the message is accepted but no relationship was established. If Alice wants to send another message, she has to use the same procedure, or establish a permanent relationship.
Note that sending messages using a passcode as encryption key is not secure. Although an attacker still needs to find out the passcode to decrypt the message, the security is easily compromised by short or common passcodes.