No description or website provided.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
dst-web change SMIMEA generation to use PEM certs Mar 30, 2017
project GD-14 update to most recent DANE SMIMEA standards Feb 13, 2017
.gitignore NOTICKET Feb 25, 2015
LICENSE GD-11 update README and add LICENSEs Feb 13, 2017 Add Great DANE logo to README Jun 12, 2017
build.sbt GD-11 add copyright notice to each source file Feb 13, 2017

Great DANE

Great DANE is a suite of tools designed to enable users to send secure, private emails without having to explicitly exchange public keys. By default, email is sent in the clear (without encryption) and unsigned (unauthenticated). S/MIME solves both of these problems by encrypting and signing emails, however it requires you to have the certificate belonging to your correspondent, presenting a chicken-and-egg problem. By using the DNS as a secure distributed database for S/MIME certificates, we can eliminate this barrier and finally make email completely confidential and authenticated.

For more information on DANE SMIMEA, please see the IETF RFC.

Great DANE Toolset

The Great DANE Toolset is a standalone web server demonstrating Great DANE functionality using DANE SMIMEA for email signing and encryption.

See the Great DANE Engine for an up-to-date implementation of the core Great DANE features.

The project is developed with Scala, sbt, Jersey, and AngularJS.

The project components are:

  • dst-core - common core code for DaneSmimeaService, DST workflow, Email sending, and Email fetching
  • dst-web - Jersey/AngularJS based web application that pulls it all together.


The build is done with Simple Build Tool (SBT).

The web portion of the project is based on the main Webapp plugin. This gives a handful of webapp related build tasks such as preparing a webapp directory without creating a war web\webapp:prepare, running a web container locally, or deploying to a cloud webapp container. See:

Build entire project

$ sbt clean package

War will be found at ./dst-web/target/scala-2.11/dst-web-x.x.war. The war file may be deployed to any servlet container. Additional config is needed; see below.

Core jar will be found at ./dst/dst-core/target/scala-2.11/dst-core_2.11-x.x.jar.

Run locally

$ sbt tomcat:start tomcat:join

Build a webapp directory without war packaging

$ sbt webappPrepare


Configuration is supported by TypeSafe's config classes, with a custom config loader that gives a lot of flexibility.

To get started locally, you must provide the passwords for the default config. Do this by creating a file called dst.conf in the app directory or a parent directory. It should have the following content:

EmailSender.password = "PASSWORD_1"
EmailFetcher.password = "PASSWORD_2"

Config Loading

Configuration is loaded from the following locations in order of precedence from highest to lowest:

  • System properties - System properties may be specified on the Java command line or in ElasticBeanstalk configuration properties.
  • dst.conf files - The application will search for dst.conf files in the current application directory and all of it's parents.
  • reference.conf + -D, where is profile.current=prod or profile.current=dev). The specified profile may have properties that override default properties.
  • reference.conf - A file found in the source resources directory, which specifies both default properties and profile properties.


Dual-licensed under Apache License 2.0 and 3-Clause BSD License. See LICENSE.