Hi Commtouch people, I am intrigued and hopeful about your secure e-mail product, Pronto Secure. However, I am puzzled about its support for POTP encryption. The other encryption protocols (PGP, PEM, MOSS, and S/MIME) have all been reviewed carefully by outside experts, and there is general consensus that these protocols embody state-of-the-art cryptographic technology, and that there are no known major security flaws. POTP stands out on your list because such a review has not been carried out. In fact, grave doubts have been raised regarding its security, and (to my taste, anyway) not satisfactorily answered. I do not wish to raise those points here, nor do I wish to claim here that POTP is insecure. However, I believe the reputation of your product is drawn into question by association. Should POTP be definitively demonstrated to be weak, then it would not be the case that using your product according to the instructions would provide "security." Further, I would consider it slightly misleading to describe it as "mission-critical." I feel the situation is analogous to that of a hypothetical networking company claiming that their product delivers high bandwidth by offering the choice of ATM, Myrinet, 100Mbps Ethernet, or string and tin cans. That said, I applaud your multiprotocol approach in general. In fact, I feel it is the future of Internet security tools. I hope your product gains widespread acceptance, and helps to further the cause of deployment of strong crypto. Raph Levien