Outlook Express is compatible with the S/MIME version 2 specification. Outlook Express supports the following encryption algorithms: RC2 (40-bit and 128-bit), DES (56-bit), and 3DES (168-bit). The RC2 40-bit encryption algorithm is the only algorithm available on non-U.S./Canadian versions of Outlook Express. Outlook Express can decrypt 3DES (168-bit) and RC2 (64-bit) encrypted mail, but cannot send messages using these algorithms.
Outlook Express uses SHA-1 as the hashing algorithm when signing messages. The bit length of your private key varies, depending on the certifying authority from which you obtain it. A certifying authority that uses the Microsoft Enrollment wizard will generate private keys that are at least 512 bits in length.
The private keys are stored on your computer and are only as secure as your computer. Private keys installed using Microsoft cryptographic system components will not be transmitted to the certifying authority which issues the digital ID; the keys are not stored in escrow with any government agency.