A new requirement set by the German Association of Energy and Water Industries (BDEW) for S/MIME communication might cause some confusion regarding the encryption capabilities of Hornetsecurity.

The requirement set by the BDEW requests that any S/MIME messages should use the RSASSA-PSS standard. This was supposed to take effect on 1st July 2017.

Unfortunately there are no certification brokers located in Germany that can provide any certificates meeting that standard, as this would provide a monopoly to whomever is issueing the certificates.

The BDEW is currently reviewing that situation and any current certificates ordered will remain valid until 31.12.2017 and the situation has been thoroughly assessed. Until then the signature algorithm used by Hornetsecurity remains valid and fully functional.