We just got a status page running at status.navi.land/status/navi. It's Uptime Kuma cuz why not. It works, it looks decent, and it screams at us when things break.
We also added a redirect at navi.land/status because typing the full path is annoying.
In the future, we will probably setup a totally custom domain for this instance. That way, if the feds seize our assets or the registry nukes our main domain because they don't like our vibe, we can still post updates via the status page to let you know exactly how fucked we are.
Transparency (or whatever)
Now you can see our shitty uptime for yourself. Feel free to stare at the graphs and email us over the slightest inconvenience.
Also fuck it. If anyone's actually reading this, we put a treat in here. For the next 420 hours, anyone who clicks this link right here will get 5GB lifetime for free for actually reading this shit.
(You must be logged in dibshit)
We installed a blog and a keyserver
We spun up an instance of WriteFreely to serve as a blog at blog.navi.land. Don't expect a ton of posts or for us to maintain this religiously. We'll post shit here when we change things on the backend or if the server catches fire.
Hagrid and keys.navi.land
We are now self-hosting Hagrid, the verifying OpenPGP keyserver written in Rust. It's the same code running on keys.openpgp.org and it's living at keys.navi.land now.
To make this actually usable, we hacked together a management page at https://navi.land/user/keys.php. This page bridges your mailbox with the local Hagrid instance (running on port 8090).
Functionality
Generate Keys: Click a button and get a Curve25519 key pair. We encrypt the private key with AES-256-GCM and shove it in the database. The public key goes to the keyserver.
Import/Export: You can upload your own keys or download the ones we generated to use in local clients like Thunderbird.
Verification: The “Resend Verification Email” button forces the keyserver to send you a link. Clicking that link proves you own the email, verifying your key on the public directory.
End-to-End Encryption Settings
We added a few toggles to the dashboard. Use them or don't.
Encrypt Incoming Mail: Incoming plaintext gets encrypted with your public key before it hits the disk. This protects your data at rest. Warning: If you lose your private key, your email is gone forever. We cannot help you recover it.
Publish Key (WKD): This pushes your key to the Web Key Directory. It allows other providers to auto-discover your key and send you encrypted mail without a manual handshake.
Enable Public Key Discovery: We attempt to find public keys for your recipients automatically.
Trust Issues
If you are paranoid, do not use our key generator. Do not let us store your private key. Manage your own keys locally on your own machine using GPG or a desktop client, and only upload the public key to us.
Actually, if you really don't trust us, go buy some hardware and host your own email server. We don't care. We offer this service for convenience, but the only way to be 100% sure we aren't looking at your data is to keep your data off our servers entirely.