Zion Boggan
repos/Oversight/integrations/outlook/index.html
zionboggan.com ↗
Code Commits Tags
141 lines · html
History for this file →
1
<!DOCTYPE html>
2
<html lang="en">
3
<head>
4
  <meta charset="utf-8">
5
  <meta name="viewport" content="width=device-width, initial-scale=1">
6
  <title>Outlook Add-in | Oversight Protocol</title>
7
  <meta name="description" content="Hosted pilot page for the Oversight Outlook add-in, a read-mode task pane for verifying and decrypting sealed attachments.">
8
  <meta name="author" content="Zion Boggan">
9
  <link rel="preconnect" href="https://fonts.googleapis.com">
10
  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
11
  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap" rel="stylesheet">
12
  <link rel="stylesheet" href="../../css/style.css">
13
</head>
14
<body>
15
16
<nav class="site-nav">
17
  <div class="nav-inner">
18
    <a href="../../" class="nav-brand"><span>Oversight</span> Protocol</a>
19
    <ul class="nav-links">
20
      <li><a href="../../">Home</a></li>
21
      <li><a href="../../demo/">Demo</a></li>
22
      <li><a href="../../viewer/">Inspect</a></li>
23
      <li><a href="../../docs/">Docs</a></li>
24
      <li><a href="../../research/">Research</a></li>
25
      <li><a href="../../blog/">Blog</a></li>
26
      <li><a href="../../about.html">About</a></li>
27
    </ul>
28
  </div>
29
</nav>
30
31
<main>
32
  <div class="container">
33
    <div class="page-header">
34
      <h1>Oversight Inspector for Outlook</h1>
35
      <p class="subtitle">Read-mode Outlook task pane for verifying and decrypting sealed attachments.</p>
36
    </div>
37
38
    <p>
39
      The Outlook add-in is a thin wrapper around the same browser inspector
40
      code that powers <a href="../../viewer/">the public Sealed File Inspector</a>.
41
      It reads a <code>.sealed</code> or <code>.oversight</code> attachment from the
42
      currently open message, verifies the issuer signature, shows the signed
43
      manifest, and can decrypt the payload when the recipient supplies their
44
      identity JSON. There is no second crypto stack and no telemetry.
45
    </p>
46
47
    <div class="card-grid">
48
      <div class="card">
49
        <h3>Status</h3>
50
        <p>
51
          Hosted pilot scaffold. The manifest, task pane, JavaScript, and icons
52
          are live under <code>oversightprotocol.dev</code>. The remaining gate is
53
          a real Outlook tenant load-test against classic and hybrid sealed
54
          attachments.
55
        </p>
56
      </div>
57
      <div class="card">
58
        <h3>Permission</h3>
59
        <p>
60
          The add-in requests <code>ReadItem</code> only. It can read the open
61
          message and its attachments, but it does not modify mail, send mail,
62
          read folders, or persist private keys in Office storage.
63
        </p>
64
      </div>
65
      <div class="card">
66
        <h3>Crypto boundary</h3>
67
        <p>
68
          Parse, signature verification, and decrypt are imported from the
69
          public viewer modules on the same origin. Office.js is used only to
70
          fetch the selected attachment from Outlook.
71
        </p>
72
      </div>
73
    </div>
74
75
    <h2>Pilot URLs</h2>
76
    <table>
77
      <thead>
78
        <tr><th>Artifact</th><th>URL</th></tr>
79
      </thead>
80
      <tbody>
81
        <tr>
82
          <td>Manifest</td>
83
          <td><a href="manifest.xml"><code>https://oversightprotocol.dev/integrations/outlook/manifest.xml</code></a></td>
84
        </tr>
85
        <tr>
86
          <td>Task pane</td>
87
          <td><a href="taskpane.html"><code>https://oversightprotocol.dev/integrations/outlook/taskpane.html</code></a></td>
88
        </tr>
89
        <tr>
90
          <td>Implementation notes</td>
91
          <td><a href="README.md"><code>integrations/outlook/README.md</code></a></td>
92
        </tr>
93
      </tbody>
94
    </table>
95
96
    <h2>Sideload for a pilot</h2>
97
    <p>
98
      Use the hosted manifest URL above for the first Outlook pilot. Outlook on
99
      the web and Outlook desktop both expose custom add-in installation under
100
      the Get Add-ins flow. A Microsoft 365 admin can also deploy the same
101
      manifest from the admin center under Integrated apps.
102
    </p>
103
104
    <ol>
105
      <li>Open Outlook on the web or desktop with a test mailbox.</li>
106
      <li>Open Get Add-ins, then choose My add-ins and Add a custom add-in.</li>
107
      <li>Use the hosted manifest URL or upload <code>manifest.xml</code>.</li>
108
      <li>Open a message that has a <code>.sealed</code> or <code>.oversight</code> attachment.</li>
109
      <li>Launch Oversight Inspector from the message surface and load the attachment.</li>
110
    </ol>
111
112
    <h2>What is intentionally out of scope</h2>
113
    <p>
114
      The v1 add-in is verify/decrypt only. Sealing from Outlook requires an
115
      issuer key flow and a stronger key-management story, so compose-mode
116
      sealing stays deferred to v2. The task pane also does not perform
117
      attribution searches against the registry; attribution remains a server
118
      and operator workflow.
119
    </p>
120
121
    <h2>Next pilot checks</h2>
122
    <ul>
123
      <li>Load the hosted manifest in an Outlook dev tenant.</li>
124
      <li>Verify a classic sealed attachment end to end.</li>
125
      <li>Verify a hybrid post-quantum sealed attachment end to end.</li>
126
      <li>Confirm the task pane keeps recipient identity material in memory only.</li>
127
      <li>Replace placeholder icons before any AppSource review.</li>
128
    </ul>
129
  </div>
130
</main>
131
132
<footer class="site-footer">
133
  <div class="container">
134
    <p>Oversight Protocol &copy; 2026 Zion Boggan. Apache 2.0 License.</p>
135
    <p><a href="https://github.com/oversight-protocol/oversight">GitHub</a></p>
136
  </div>
137
</footer>
138
139
<script src="../../js/nav.js" defer></script>
140
</body>
141
</html>