<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE></TITLE>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1141" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=936283104-18032003><FONT face=Arial color=#0000ff size=2>So it
appears that the certificate survived the routing through the list server as
well. The problem is that the process of storing the certificate is to
right click the from, which in this case is the list server, which means that if
it did save the certificate it would do so to the AccessD contact not to my
contact in your address book.</FONT></SPAN></DIV>
<P><FONT size=2>John W. Colby<BR>Colby
Consulting<BR>www.ColbyConsulting.com</FONT> </P>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B>
accessd-admin@databaseadvisors.com
[mailto:accessd-admin@databaseadvisors.com]<B>On Behalf Of </B>John W.
Colby<BR><B>Sent:</B> Monday, March 17, 2003 11:21 PM<BR><B>To:</B>
AccessD<BR><B>Subject:</B> [AccessD] Digital signature /
certificates<BR><BR></FONT></DIV>
<P><FONT face=Arial size=2>Trying this again. If anyone can read this,
please at least one such person respond. If anyone can't read
this... uh... don't bother responding.</FONT></P>
<P><FONT face=Arial size=2><grin></FONT> </P>
<P><FONT face=Arial size=2>Digital certificates are essentially a digital
signature as well as a public key / private key pair. The digital
signature tells the person receiving a signed email that the email comes from
you and hasn't been altered. The certificate that is contained in any
signed message also contains a public key belonging to the sender. By
opening the email, right clicking the From line, and adding the person to your
contacts, the certificate from that person, including the public key, is
stored in the contact info. Obvious this isn't going to work as expected
with the list since the message is retransmitted. In fact I have no idea
what is going to happen in this case, we shall just have to wait and
see.</FONT></P>
<P><FONT face=Arial size=2>That public key from the contact can then be used
to encrypt email and theoretically an attachment as well. Since the
public key is stored in the contact record, it is used for the encryption, and
the message (and attachments) can only be decoded by the matching private
key. I.e. automatic digital signature and easy to use (though not
automatic) encryption of messages. Since your friend's certificate is
stored with his contact info on your computer, any email and attachments sent
to him can be encrypted using his public key.</FONT></P>
<P><FONT face=Arial size=2>I say easy to use though not automatic encryption
because in order to encrypt a given message you have to go to the properties
of that message and select encryption. There is however an option to
encrypt all messages. I assume that if the contact selected as the
recipient has no certificate, no encryption takes place, so it appears that
maybe a totally automatic / always on encryption scheme can take place with
any contacts that you have received and stored a certificate for.
However... I tested this... if you send an encrypted message to a contact with
a certificate in your contact book, and CC a contact without a certificate,
the message is encrypted. You are warned that the person without a
certificate will not be able to see the message (because it is encrypted) and
that does indeed happen.</FONT></P>
<P><FONT face=Arial size=2>Anyway, I have always wanted to have this
capability. I have contacts with clients that should be kept
confidential, for example transferring BE databases that contain customer data
to me for my work at my home office etc. The ability to encrypt these
things is or should be important. I understand that there are now laws
that state that if you transmit people's SSNs across the internet you must
take specific precautions or you are breaking the law. I haven't seen
this law, but I know that certain insurance companies I deal with are starting
to get touchy about sending data files to me with the SSNs in them.
Perhaps this security will help in these situations.</FONT></P>
<P><FONT face=Arial size=2>I thought you guys might be interested in what I
have figured out. First of all there is a company that provides FREE
personal email certificates. Most such companies charge a small fee for
them.</FONT></P>
<P><FONT face=Arial size=2><A
href="http://www.thawte.com/html/COMMUNITY/personal/index.html"
target=_blank>http://www.thawte.com/html/COMMUNITY/personal/index.html</A></FONT>
</P>
<P><FONT face=Arial size=2>In order to get this you have to fill out a form
with your address, phone and one personal ID number - SSN, Drivers License
Number or Passport Number. Basically after following the process you are
sent an email to the email address you provide them that contains a "ping"
hotlink that you have to click on which then tells them you received the email
and you are then issued the certificate.</FONT></P>
<P><FONT face=Arial size=2>Anyway, I just thought I'd let you know that free
certs are available, are reasonably easy to obtain, and reasonably easy to get
working.</FONT></P>
<P><FONT face=Arial size=2>John W. Colby</FONT> <BR><FONT face=Arial
size=2>Colby Consulting</FONT> <BR><FONT face=Arial
size=2>www.ColbyConsulting.com</FONT> </P>
<P><FONT face=Arial
size=2>----------------------------------------------------</FONT> <BR><FONT
face=Arial size=2>Is email taking over your day? Manage your time with
eMailBoss. </FONT><BR><FONT face=Arial size=2>Try it free! <A
href="http://www.eMailBoss.com"
target=_blank>http://www.eMailBoss.com</A></FONT> </P></BLOCKQUOTE>
<DIV>
<HR>
</DIV>
<DIV>Is email taking over your day? Manage your time with eMailBoss. Try it
free! <A
href="http://www.eMailBoss.com">http://www.eMailBoss.com</A></DIV></BODY></HTML>