New Internet applications and new releases of existing Internet application
s appear with bewildering rapidity. Adding functionality to such applicatio
ns can therefore be a time-consuming process. By contrast, Internet protoco
ls are significantly less volatile. In some circumstances, the additional f
unctionality can be provided by 'tapping into' the protocol exchanges rathe
r than modifying the applications themselves, We claim that this represents
a more manageable approach to the problem of adding additional facilities
to applications. We demonstrate this approach using the example of e-mail s
ecurity. Whenever possible, a proxy sitting between a mail client and serve
r signs and encrypts outgoing mail. Incoming secured mail is automatically
decrypted and verified. This means that any software that works with standa
rd mail protocols gains security without requiring separate upgrading, The
proxy attempts to keep the amount of user interaction required to a minimum
providing security functionality for users without the need to learn a com
plex new user interface. Copyright (C) 1999 John Wiley & Sons, Ltd.