Home
 
Download
 
Buy now
 
Tech support
 
Tools
Tutorials
Extras
Screenshots
ZAR 9.2 Manual
Zmeil 2.1 Manual
Known camera compatibility list
Articles
Links
Acronyms
News
Contacts

Home / Extras / Articles / Email security certificates

Email security certificates

What is an email security certificate?

An email security certificate is an electronic analog of passport; thereby, the mechanisms of issuance and use of the passports are similarly applicable to the certificates.
  • Email security certificates are issued by the authorities with undoubted credibility (compare with Department of State in US or Home Office in UK).
  • Basically, an email security certificate is an electronic document with a lot of fields such as
    • your name
    • email address
    • your public key (which you can safely share with others)
    • your private key (this one you keep secret)
    • name of the authority issued the certificate
    • digital signature produced by the certificate's issuer
    • validity (expiration date)
  • A certificate binds together email address and personal identity data which in turn sealed by digital signature produced by the trusted authority (compare with stamps used in passport issuance).
  • There are revocation centers where you can revoke or even cancel your certificate (compare with a situation of lost or stolen passport)
  • Email certificates are equally used to digitally sign email messages, and encrypt contents of the messages.

What is an authority?

  • An authority is someone who can clearly ascertain the user's identity and no one would doubt it.
  • Actually, this is always a matter of two: you and your recipient must trust the authority which you choose to verify yours identities.
  • Because there might be quite a lot of potential authorities (from your mutual friends to trusted third party organizations) with different levels of trust, there was a need for the authority regulating mechanisms and finally all has come to the hierarchical structure.
  • There are a few top-level widely known authorities and a lot of less-known ones which obtained their own certificates from the authorities up the hierarchical ladder.
  • Authorities verify user's identity by issuing a digitally signed certificate which can be free or not depending on its expiration date and level of confidence in the certificate's issuer.
  • Normally, authorities attest that the public key contained in the issued certificate belongs to the person with mentioned in the certificate personal data, while the certificate's owner identity is not verified.
 

 

Where to get a certificate?

Anyone can obtain his or her own certificate from an authority; there are several very well-known and certainly trusted authorities producing mostly paid-for certificates:

 

How to share a public part (a.k.a. public key) of a certificate with others?

When you got your own email certificate, to begin to properly use it, first you have to share your public key shipped with the certificate with those
  • to whom you are going to send digitally signed emails
  • from whom you wish to receive encrypted email messages

At the moment we are only dealing with email certificates installed on Outlook Express; to extract a public key from such a certificate you should use Certificate Export Wizard embedded in Outlook Express (see under "Tools" -- "Options" -- "Security" -- "Digital IDs..." -- "Export") and just follow the instructions. A public key extracted with the help of the wizard will be saved in a file typically with a .CER file type (extension), later it can be delivered by usual means to any persons concerned. Please, refer here for more information on extracting a public key from a certificate installed on Outlook Express.

<<Encrypted emails in Outlook ExpressArticlesReboot>>

Copyright © 2001 - 2013 ZAR data recovery.