Back to blog
Features

Certify your emails with Junyr — RFC 3161 cryptographic proof + PDF + QR code

May 3, 20265 min

Nightly RFC 3161 cryptographic timestamping for every email received and sent. Downloadable certified PDF with QR code, public verifier without an account.

Certify your emails with Junyr — RFC 3161 cryptographic proof + PDF + QR code

Junyr now supports RFC 3161 cryptographic timestamping on every email. Each message you send or receive can be proven: the content has not changed, the date is attested by an independent third party, and you can download a certified PDF that anyone — including a lawyer with no Junyr account — can verify.

The problem: "I really did send that quote on March 12"

Picture the scenario. Three months after sending a quote, your client disputes it: "I never received that email," or worse "the version you're showing isn't the one I got." Without cryptographic proof, it's their word against yours. Email headers can be forged after the fact (you edit the .mbox, the timestamp changes). SMTP logs from your server are contestable — you're the one holding them.

To be legally enforceable, you need a timestamp signed by a trusted third party, on a cryptographic hash of the content. That is exactly what RFC 3161 defines.

The solution: nightly Merkle timestamping

Every night, Junyr does four chained operations:

  1. Hash every email — for each message received/sent on inboxes that have opted in within the last 24 hours, Junyr computes a SHA-256 over the canonical RFC 5322 bytes (body + headers + attachments). That's the unique fingerprint of the message.
  2. Build a Merkle tree — all the day's hashes are combined into a binary tree. The root of the tree cryptographically summarizes the whole batch.
  3. Send the root to an RFC 3161 timestamping service — Junyr submits this root to Freetsa.org (Phase 1, free). The service signs the root with its TSA certificate and returns a timestamped token.
  4. Store per-email proof — for each individual email, Junyr stores its Merkle path (the sibling hashes needed to reconstruct the root) plus the TSA token. That's the compact per-message proof.

To prove that a given email existed on date X with content Y, you only need to: (1) recompute the hash of the .eml, (2) walk the Merkle path to reconstruct the root, (3) verify the TSA signature on that root. Three steps, three minutes from a command line, verifiable independently of Junyr.

The certified PDF

From any email carrying the "Certified" badge (a green seal icon), one click on "Download proof PDF" generates a Typst document containing:

  • The email itself, cleanly typeset (headers, body, attachments listed with their own hashes).
  • The audit block: SHA-256 fingerprint of the .eml, full Merkle path, batch Merkle root, TSA token identifier, UTC timestamp date, TSA provider name.
  • A QR code that points to junyr.app/verify/{token} — a 192-bit random identifier, distinct per email.

You can print this PDF, hand it to a lawyer, attach it to a court filing. It is self-contained.

The public verifier

/verify/{token} is a public page: no authentication, no account needed, rate-limited to 10 requests per minute per IP. It displays:

  • The TSA identity and the signed date.
  • The expected hash.
  • A drag-and-drop zone: drop the original .eml, your browser re-hashes it locally (Web Crypto API: crypto.subtle.digest('SHA-256')), and confirms whether it matches. No server upload, no content leak. The verifier runs entirely in the browser of the person checking.

If the hash does not match: either the email has been modified, or it's not the right .eml. The verdict is binary and immediate.

Phase 1 vs Phase 2

Phase 1 (today) uses Freetsa.org, a non-qualified TSA. The proof is cryptographically valid — any engineer can verify it in minutes — but it does not carry the legal qualification of Article 41 of EU Regulation 910/2014 (eIDAS).

Phase 2 (coming, on customer opt-in) will switch the Merkle root to Universign, a qualified trust service provider listed on the EU Trusted List. The proof will then carry full evidentiary weight before any European court, with no contest possible. The marginal cost is on the order of €0.15/month/user.

The architecture is designed to allow the switch without re-certifying older emails — they stay valid under Phase 1, new ones go to Phase 2.

How to enable

Settings → Email → "Cryptographic timestamping" → flip the toggle. It's included in every Junyr subscription (one batch per day). The first timestamped email will show the "Certified" badge within 24 hours of activation.

Enable timestamping in Settings → Email — it's included in your subscription, and every email you send becomes an exportable proof.

#certification#rfc-3161#timestamping#merkle-tree#email-proof#compliance
JT

Junyr Team

AI Platform Team

The Junyr team builds AI workforce tools that help European SMEs recruit, train, and manage autonomous AI agents for everyday business tasks.

Related Articles

Professional Email Integration: Junyr's Advantage

Integrated Stalwart mail server vs external Gmail integrations. Real-time Email-to-Task, custom domains, S3 archiving.

Read article →

3-Step Workflow: Junyr's Quality Guarantee

Query Check, Execution, Verification: the 3-step workflow that significantly reduces errors and guarantees quality.

Read article →

Universal Inbox: 360° View vs Scattered Data

JMAP Resources unifies emails, documents, datasets. 3-tier late binding, Project 360 View. End treasure hunt across 5 apps.

Read article →