
About certificates and cryptographic e-mail messaging in Outlook

You can help prevent impersonation and tampering when sending e-mail messages in Microsoft Office Outlook 2003 by using cryptographic features such as S/MIME digital signatures and encryption. You obtain certificates for digital signing and encryption from a certificate authority. Digitally signing a message applies the sender's certificate and public key to the message. Certificates are also used when encrypting a message.

Learning more about cryptography and cryptographic certificates can help you understand how digital signing and encryption work together in Outlook 2003 to help provide more secure e-mail messaging.

Using cryptography for more secure communications

Cryptography is a set of standards and protocols for encoding data and messages, so that they can be stored and transmitted more securely. The following introduces the basic terminology of cryptography and explains some of the common methods used.

Cryptography helps you to have more secure communications, even when the transmission medium (for example, the Internet) is untrustworthy. You can also use it to encrypt your sensitive files, so that an intruder is less likely to understand them. Cryptography can be used to help ensure data integrity as well as to maintain secrecy. Cryptography helps to verify the origin of data and messages, by using digital signatures and certificates. When you use cryptographic methods, the cryptographic keys must remain secret. The algorithms, key sizes, and file formats can be made public without compromising security.

The two fundamental operations of cryptography are encryption and decryption. Encryption involves scrambling the data in such a way that it should be infeasible to deduce the original information, unless you have access to the appropriate key. Decryption is the reverse process: Scrambled data is turned into the original text by using a key.

In order to encrypt and decrypt, you need an encryption algorithm and a key. Many encryption algorithms exist, including Data Encryption Standard (DES), Rivest/Shamir/Adleman (RSA) encryption, RC2, and RC5. A key is used in conjunction with the algorithm to convert the plain text (readable by people) into cipher text (scrambled, unreadable by people).

DES, RC2, and RC5 are known as symmetric key technology because the key used to encrypt the data is the same one used to decrypt it. Hence, the key must be a shared secret between the party encrypting the data and the party decrypting it. You can use public key technology to pass the key securely to the other party.

RSA is known as public key, or asymmetric, technology, because two keys are used: a public and a private key. The keys are mathematically related, but you cannot figure out one without knowing the other. The private key is kept private: only the party generating the key pair should have access to it. The public key can be freely shared over an insecure medium such as the Internet. With public key systems, there is no shared secret between the two parties. If the public key is used to encrypt the data, then only the private key can decrypt it. Similarly, if the private key is used to encrypt the data, then only the public key can decrypt it.

Using certificates for cryptographic e-mail messaging in Outlook

Outlook 2003 uses certificates in cryptographic e-mail messaging to help provide more secure communications. To use cryptography when you send and receive e-mail messages, you first obtain a Digital ID from a certificate authority (CA). A Digital ID contains a private key that is stored on the sender's computer and a certificate (with a public key). Your certificate is sent when you digitally sign messages to help authenticate you to the recipient. You also use a certificate in Outlook when you encrypt messages.

Certificates are validated by means of a certificate hierarchy. The root certificate authority is at the top of a certification hierarchy and is the most trusted CA. The root CA has a self-signed certificate, so it is important to obtain certificates only from certificate authorities that are known and trusted.
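The signing and certificate-hierarchy description above, as an added Python example (not Outlook's or Microsoft's code). It uses textbook RSA over fixed primes with no padding, for illustration only; the function names, the certificate layout, the two-level chain (root CA and one user certificate) and all sample data are assumptions constructed for this example.

```python
import hashlib

E = 65537  # public exponent shared by every toy key

def make_key(a, b):
    """Toy textbook-RSA pair from the Mersenne primes 2**a-1 and 2**b-1 (no padding)."""
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    n, d = private
    return pow(digest(data, n), d, n)  # only the private-key holder can compute this

def verify(public, data, sig):
    n, e = public
    return pow(sig, e, n) == digest(data, n)  # anyone with the public key can check

def tbs(subject, issuer, public):
    """Bytes the issuer signs: they bind a subject name to a public key."""
    return f"{subject}|{issuer}|{public[0]}|{public[1]}".encode()

def issue(subject, public, issuer, issuer_private):
    return {"subject": subject, "issuer": issuer, "public": public,
            "sig": sign(issuer_private, tbs(subject, issuer, public))}

def check(message, sig, cert, root, trusted):
    """Classify a signed message given the signer's cert, its root cert and a trust store."""
    if not verify(cert["public"], message, sig):
        return "invalid signature"
    body = tbs(cert["subject"], cert["issuer"], cert["public"])
    if cert["issuer"] != root["subject"] or not verify(root["public"], body, cert["sig"]):
        return "invalid certificate"
    if root["public"] not in trusted:  # a self-signed root proves nothing by itself
        return "not trusted"
    return "valid"

# Constructed sample data: a trusted root CA, one user, and a CA nobody has trusted.
root_pub, root_priv = make_key(521, 607)
user_pub, user_priv = make_key(89, 127)
other_pub, other_priv = make_key(61, 107)
ROOT = issue("Example Root CA", root_pub, "Example Root CA", root_priv)  # self-signed
OTHER = issue("Unknown CA", other_pub, "Unknown CA", other_priv)  # self-signed
ALICE = issue("alice@example.test", user_pub, "Example Root CA", root_priv)
ALICE_BY_OTHER = issue("alice@example.test", user_pub, "Unknown CA", other_priv)
TRUSTED = {root_pub}
MESSAGE = b"Quarterly report attached."
SIG = sign(user_priv, MESSAGE)
```

Calling `check(MESSAGE, SIG, ALICE_BY_OTHER, OTHER, TRUSTED)` returns "not trusted" until the other CA's public key is added to the trust store, which is the decision a user makes when choosing to trust a certificate authority.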

You can learn more about the characteristics of a certificate (one of your certificates or a certificate that is attached to an e-mail message you have received). For example, you can:

To view information about a certificate used to encrypt or digitally sign an e-mail message that was sent to you, open the message and click the cryptographic button on the far right in the header, for example, the Encrypted button or the Signed button. For messages that are signed, or encrypted and signed, in the next dialog box (for example, the Digital Signature: Valid dialog box), click Details.

In the Message Security Properties dialog box, you see the properties of the message, including the security layers. You can click a security layer to see a description of that layer.

You can also view additional information about the certificate or make changes to a security layer. For example, you may want to find why Outlook has determined that a certificate for an e-mail message is invalid or not trusted. In some scenarios, you can also take steps to correct the status of the certificate. For example, you can choose to trust the CA that issued the certificate, if that is why a digital signature certificate is not trusted.

To make changes to the trust status of the certificate, click the signature layer or encryption layer, and then click Edit Trust. To see additional information about the encryption of a message or the digital signature on a message, click the signature or encryption layer, and then click View Details. Finally, to trust all messages signed by the certificate authority, click the signature layer, and then click Trust Certificate Authority.

Note: The buttons are inactive when the Subject layer is selected.