Friday, January 20, 2006

Free Personal E-mail Certificates

Did you know the protocols that e-mail clients use to communicate with e-mail servers, and e-mail servers use to communicate with other servers are very insecure. This is why it has been so easy for e-mail viruses, and spam to spread. Plus its very easy to forge a message, to make it look like it came from anyone you want it to. To overcome these limitations more people are securing their e-mail communications, or be able to prove that an email was really sent from them?

In order to do this, it requires a digital certificate from a trusted Certificate Authority (CA) that can authenticate who you are. Let me elaborate on the CA part, CAs are a trusted third party (such as: Verisign, and Thwate to name a few) that authenticate your identity. When a CA issues you a digital certificate, they require that you prove who you are (this process varies from CA to CA).

More and more e-mail clients are now supporting digital certificates that allow you to encrypt the contents of your, authenticate the identity of the person who sent the email, and even tell you if the data in the email has been tamper with. These certificates are generally not free, but Thawte has been giving them away for a while for personal use.

When you receive a message that has been digitally signed, it will have an icon that looks like a ribbon on it. If you double-click the ribbon , you can find out information about the sender of the message. Also if the message has been modified, the digital signature will be invalidated.

If you receive a message that is encrypted, it has a lock icon on it. You will be required to authenticate to decrypt the mail. If someone wants to send you an encrypted e-mail they have to have you're public key so that the message can be encrypted before its sent. If you're going to send someone else encrypted e-mail you're going to have to have their public key.

The biggest problem with this technology is Interoperability between e-mail clients. If you're using Outlook Express to communicate with another Outlook or Outlook Express client, you should not experience any problems. But if you're going from an Outlook Express client to another e-mail client that doesn't support SMIME, then you will have issues.

No comments: