-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Mark Peoples [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, September 16, 2001 10:13 PM
>
> If we get each executive a Verisign $15 digital ID... does it apply
> to internal mail as well as external mail? Without time and
> resources to test
> all of this I can only presume that internal mail would be
> treated (signed
> and encrypted) in the same fashion as external mail...
You can use that certificate for both, external and internal email.
> The recipient will still need to go to the Verisign website
> and download the
> public key or have the sender forward the public key... for
> encrypted messages. For digitally signed messages that are not
> encrypted... then this
> does not apply and the recipient can simply read the message
> and feel all
> warm and fuzzy inside knowing that the contents are 100% legit.
Uhm... no, you don't have to download a certificate from VeriSign.
All VeriSign certs are signed by VeriSign, and since (pretty much)
every browser and email software has (and hopefully trusts) the
VeriSign root cert, these clients also recognize your certificate as
signed. That means that the signature verification will complete.
In order to encrypt messages for someone, you need their public key
portion. That is transmitted either by attaching the public key to
your email (typically done when you sign it, but not required,
depends on your settings in Outlook). Once you have received a signed
email, you can import that certificate into your certificate store.
You also need to create a Contact (and this is my main complaint
about S/MIME with Outlook) in Outlook and list that certificate under
the certificate tab. Then, and only then, can you send an email to
that user in encrypted form.
Mind you that the above is done 'per hand'. If you use certain PKI
software from certain vendors, it may help the user to facilitate
these tasks. But basically that is the process.
Your key: Public and Private portion resides in your certificate
store, protected by a password.
User key: Public portion exists in your certificate store. It also
has to reside in a Contact in Outlook.
The certificate store is accessed through the Options in Internet
Explorer->Content->Certificates.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME (X.509) encrypted email preferred.
iQA/AwUBO6VxXZytSsEygtEFEQLYGACdE/X0NjDUYgO9gcFkeZZaXJWGL28An1Be
AT+NwreFPvYomLuFZ5wax086
=VfPL
-----END PGP SIGNATURE-----
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
