Sending secure messages

As more people send confidential information by e-mail, it is increasingly important to be sure that documents sent in e-mail are not forged, and to be certain that messages you send cannot be intercepted and read by anyone other than your intended recipient.

By using "digital IDs" with Outlook Express, you can prove your identity in electronic transactions in a way similar to showing your driver's license when you cash a check. You can also use a digital ID to encrypt messages, keeping them private. Digital IDs incorporate the S/MIME specification for secure electronic mail.

How do digital IDs work?

A digital ID is composed of a "public key," a "private key," and a "digital signature." When you digitally sign your messages, you are adding your digital signature and public key to the message. The combination of a digital signature and public key is called a "certificate." With Outlook Express, you can specify a certificate to be used by others to send encrypted messages to you. This certificate can be different from your signing certificate.

Recipients can use your digital signature to verify your identity; they can use your public key to send you encrypted mail that only you can read by using your private key. To send encrypted messages, your address book must contain digital IDs for the recipients. That way, you can use their public keys to encrypt the messages. When a recipient gets an encrypted message, their private key is used to decrypt the message for reading.

Before you can start sending digitally signed messages, you must obtain a digital ID. If you are sending encrypted messages, your address book must contain a digital ID for each recipient.
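
The key directions described above can be reproduced outside Outlook Express. The following is an added example, not part of the original help topic: it uses the OpenSSL command-line tool (assumed to be installed) to sign, encrypt, decrypt and verify an S/MIME message. The names alice and bob, the addresses and the file names are constructed, and self-signed certificates stand in for digital IDs issued by a certification authority.

```shell
#!/bin/sh
# Added example: S/MIME sign, encrypt, decrypt, verify with the openssl CLI.
# alice/bob, the addresses and the file names are constructed for illustration.

smime_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        # Self-signed certificates stand in for CA-issued digital IDs (assumption).
        for who in alice bob; do
            openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
                -subj "/CN=$who/emailAddress=$who@example.test" \
                -keyout "$who.key" -out "$who.crt" 2>/dev/null || exit 1
        done
        printf 'Quarterly figures attached.\n' > msg.txt

        # Sender: sign with Alice's private key; her certificate rides along.
        openssl smime -sign -text -in msg.txt -signer alice.crt \
            -inkey alice.key -out signed.eml || exit 1
        # Sender: encrypt using only Bob's certificate (his public key).
        openssl smime -encrypt -aes256 -in signed.eml -out encrypted.eml \
            bob.crt || exit 1

        # Recipient: decrypt with Bob's private key, then check the signature
        # against Alice's certificate, which Bob has chosen to trust.
        openssl smime -decrypt -in encrypted.eml -recip bob.crt \
            -inkey bob.key -out decrypted.eml || exit 1
        openssl smime -verify -text -in decrypted.eml -CAfile alice.crt \
            -out verified.txt 2>/dev/null || exit 1

        # Negative checks: the sender's own key must not open the message,
        # and a one-character change must break the signature.
        if openssl smime -decrypt -in encrypted.eml -recip alice.crt \
            -inkey alice.key -out /dev/null 2>/dev/null; then exit 1; fi
        sed 's/Quarterly/Quarterlx/' decrypted.eml > tampered.eml
        if openssl smime -verify -in tampered.eml -CAfile alice.crt \
            -out /dev/null 2>/dev/null; then exit 1; fi

        tr -d '\r' < verified.txt   # S/MIME canonicalises line ends to CRLF
    )
    status=$?
    rm -rf "$dir"
    return $status
}

smime_demo
```

The function returns success only if the recipient's key opens the message, the signature verifies, and both negative checks fail as expected.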

Where do you get digital IDs?

Digital IDs are issued by independent certification authorities. When you apply for a digital ID at a certification authority's Web site, they verify your identity before issuing an ID. There are different classes of digital IDs, each certifying to a different level of trustworthiness. For more information, use the Help at the certification authority's Web site.

How do you verify a digital signature?

With "revocation checking," you can verify the validity of a digitally signed message. When you make such a check, Outlook Express requests information on the digital ID from the appropriate certification authority. The certification authority sends back information on the status of the digital ID, including whether the ID has been revoked. Certification authorities keep track of certificates that have been revoked due to loss or termination.
