As flagged up in previous blog posts, R11.2 incorporates a number of significant changes to our product:
With R11.2 we've introduced support for X.509 based strong authentication, also referred to as X.509 PKI (Public Key Infrastructure). The X.509 standard specifies the standardized information contained within a digital certificate, support for X.509 is an important element in our directory support for PKI systems.
We've has enhanced M-Vault's directory product to include strong authentication between servers for directory chaining (X.500 DSP) and directory replication (X.500 DISP). Strong authentication is provided for client access using both LDAP and X.500 DAP. A new white paper describes the benefits of this security.
To smooth the adoption of Strong Authentication we've built our own, easy to use Certificate Authority (CA) - the Isode MiniCA which contains all the necessary functionality needed to process Certificate Signing Requests, issue and revoke certificates and generate certificate revocation lists. More information on our Strong Authentication infrastructure can be found here. Our servers can also be used with commercially available Certificate Authorities like Entrust and RSA Keon.
Military & Aviation
Two of our major markets are military and aviation (AMHS) messaging, based on the X.400 standard. With R11.2 we've included easy setup options for X.400 content types utilized by military and aviation messaging systems as well as extended our X.400 routing to enable the use of wildcards, allowing an MTA (Message Transfer Agent) to use matches on part of an O/R address to decide where a message is routed to.
Directory Client API
The aviation and military markets will also benefit from changes to our Directory Client API, which now supports both X.500 DAP and LDAP (Lightweight DAP) allowing a single application to mix DAP and LDAP calls. Developers working in these sectors are often required to produce applications conformant to DAP but which might also be used with LDAP.
Our growing ISP market will benefit from product changes that further our stated directory vision of 'One Directory Entry - One Person - One Account'.
Directory based configuration
All of our messaging servers support directory-based configuration, having all configuration information stored in a directory from where it can be shared between messaging servers. We've improved our support for directory-based configuration in R11.2 resulting in changes to each of our three Internet servers: M-Switch, M-Vault and M-Box.
M-Switch has adopted the LDAP Schema for Intranet Mail Routing (LASER) which defines an approach to 'last step' mail routing. Amongst the benefits of LASER is that it allows M-Switch to perform email address checking on the boundary of an organization cutting down on server load when dealing with invalid addresses.
We've also implemented LDAP Proxied Authorization Control (Proxy Auth) in M-Vault. Proxy Auth is used where a server wishes to perform directory operations on behalf of another user. M-Box can use Proxy Auth to get information from the directory on IMAP and POP users, simplifying setup and management.
More details on the new release, together with links to supporting whitepapers, can be found on the 'Latest Release' page of the our website.