Charlotte Foust
cfoust at infostatsystems.com
Tue Mar 18 12:15:00 CST 2003
My outlook won't even let me reply to the ones with the blue symbol. It wants nothing to do with them. Pretty good security at that! NOBODY can get in, even the author. <vbg> Charlotte Foust -----Original Message----- From: John W. Colby [mailto:jcolby at colbyconsulting.com] Sent: Tuesday, March 18, 2003 8:19 AM To: accessd at databaseadvisors.com Subject: RE: [AccessD] Digital signature / certificates Yea, I know. I can't read them either. And the weird part is that it seems to be a flip of the coin how they come through. I replied to a message, got that blue symbol. Replied again got the readable version. Replied again got the blue symbol. Not good. John W. Colby Colby Consulting www.ColbyConsulting.com -----Original Message----- From: accessd-admin at databaseadvisors.com [mailto:accessd-admin at databaseadvisors.com]On Behalf Of Charlotte Foust Sent: Tuesday, March 18, 2003 11:05 AM To: accessd at databaseadvisors.com Subject: RE: [AccessD] Digital signature / certificates These I can read. The ones that come through with a little blue information icon are unopenable because it says "Your Digital ID name cannot be found by the underlying security system." I'm using Outlook XP on WinXP. All the latest patches. Charlotte Foust -----Original Message----- From: John W. Colby [mailto:jcolby at colbyconsulting.com] Sent: Monday, March 17, 2003 8:21 PM To: AccessD Subject: [AccessD] Digital signature / certificates Trying this again. If anyone can read this, please at least one such person respond. If anyone can't read this... uh... don't bother responding. <grin> Digital certificates are essentially a digital signature as well as a public key / private key pair. The digital signature tells the person receiving a signed email that the email comes from you and hasn't been altered. The certificate that is contained in any signed message also contains a public key belonging to the sender. By opening the email, right clicking the From line, and adding the person to your contacts, the certificate from that person, including the public key, is stored in the contact info. Obvious this isn't going to work as expected with the list since the message is retransmitted. In fact I have no idea what is going to happen in this case, we shall just have to wait and see. That public key from the contact can then be used to encrypt email and theoretically an attachment as well. Since the public key is stored in the contact record, it is used for the encryption, and the message (and attachments) can only be decoded by the matching private key. I.e. automatic digital signature and easy to use (though not automatic) encryption of messages. Since your friend's certificate is stored with his contact info on your computer, any email and attachments sent to him can be encrypted using his public key. I say easy to use though not automatic encryption because in order to encrypt a given message you have to go to the properties of that message and select encryption. There is however an option to encrypt all messages. I assume that if the contact selected as the recipient has no certificate, no encryption takes place, so it appears that maybe a totally automatic / always on encryption scheme can take place with any contacts that you have received and stored a certificate for. However... I tested this... if you send an encrypted message to a contact with a certificate in your contact book, and CC a contact without a certificate, the message is encrypted. You are warned that the person without a certificate will not be able to see the message (because it is encrypted) and that does indeed happen. Anyway, I have always wanted to have this capability. I have contacts with clients that should be kept confidential, for example transferring BE databases that contain customer data to me for my work at my home office etc. The ability to encrypt these things is or should be important. I understand that there are now laws that state that if you transmit people's SSNs across the internet you must take specific precautions or you are breaking the law. I haven't seen this law, but I know that certain insurance companies I deal with are starting to get touchy about sending data files to me with the SSNs in them. Perhaps this security will help in these situations. I thought you guys might be interested in what I have figured out. First of all there is a company that provides FREE personal email certificates. Most such companies charge a small fee for them. http://www.thawte.com/html/COMMUNITY/personal/index.html In order to get this you have to fill out a form with your address, phone and one personal ID number - SSN, Drivers License Number or Passport Number. Basically after following the process you are sent an email to the email address you provide them that contains a "ping" hotlink that you have to click on which then tells them you received the email and you are then issued the certificate. Anyway, I just thought I'd let you know that free certs are available, are reasonably easy to obtain, and reasonably easy to get working. John W. Colby Colby Consulting www.ColbyConsulting.com ---------------------------------------------------- Is email taking over your day? Manage your time with eMailBoss. Try it free! http://www.eMailBoss.com _____ Is email taking over your day? Manage your time with eMailBoss. Try it free! http://www.eMailBoss.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://databaseadvisors.com/pipermail/accessd/attachments/20030318/be751ae9/attachment-0001.html>