countermail.com domain & alternatives

I was wondering if Countermail could comment, or any other users have anything to say about CM being on a .com domain. Obviously Kim.com had these issues with mega, and now you see articles popping up everywhere about this issue. I do see that their .se forwards to .com. Why not use .se as main?

"For months, the US Government has issued court orders in order to seize and shutdown sites—even when the domain names are registered abroad. Now it has made its position on domains perfectly clear: If it ends in .com, .net, .cc, .tv and .name, we can seize it."
http://gizmodo.com/5890946/the-government-says-it-can-seize-any-com-domain

Outside of crafting my own server, I was looking into some secure alternatives like CM. CM looks pretty solid besides this domain thing. Looking at their site I found: "Countermail will not accept an order from any organization or investigative agency that is outside Sweden. If we get a court order from the Swedish police, we can give them some account data, but most of the data is only available in encrypted form*." Does this change with it being on a .com?

Any other safe alternatives that also support YubiKey/USB auth? Any input is greatly appreciated!

 

We don't break any laws, so why should they close the domain?
From what I have seen with the domains that were closed, is that the domain owners were involved in some kind of illegal activities. We have already registered more than 20 domains as a last resort, if something strange happens.

 

Thanks for the reply! I'm definitely looking forward to contributing some $ to CM!

 

@Countermail, is it possible to use your own USB key or do you have to purchase the ones from you? If you can't use your own, why not? What do you guys do to the USB that can't be done by anyone?

 

The manufacturer ID and the unique serial number is hardcoded during the initialization, to prevent copying of the original. If we did not have any copy protection it would be easy to create a copy, and therefore easier to "attack" the email account.

However, we are working with a new routine where the hardcoding is done on the users computer, so it will soon be possible to use any USB-device as authentication token.

 

Thanks, looking forward to this feature! Any estimate on when this could be released/enabled?