Outlook Security Application Digital signature (real free) _ Application Tips

As more and more people send confidential information through e-mail, it becomes increasingly important to ensure that documents sent in e-mail are not forged. It is also important to ensure that the messages sent are not intercepted or stolen by anyone other than the addressee.
By using the digital ID of Outlook Express, you can prove your identity in an electronic transaction, as if you were to show a valid document when you pay a cheque. You can also use digital IDs to encrypt messages to protect personal privacy. Digital IDs combine the S/MIME specification to ensure e-mail security. (Excerpt from Outlook Help)

The following is the entire process I requested (Microsoft Internet Explorer,outlook Express):

1. The first is the site to Microsoft, with various units and functions for issuing digital certificates, the last of which is https://www.thawte.com, a company dedicated to issuing free digital signatures for secure customer authentication and secure messaging systems, It is also a Microsoft Trusted root certification authority.

2, to the https://www.thawte.com site, you will find all English, it is difficult to see, it does not matter, in the bottom part of the content is:
===============================================================

Secure Your Email
Secure your email with free Personal Email certificate.
Have your identity asserted through Thawte ' s Web of trust

===============================================================
From free Personal Email certificate link to http://www.thawte.com/getinfo/products/personal/contents.html, This is the beginning of your application for a free mail certificate. You can enter from a small icon marked "JOIN" on the page
Https://www.thawte.com/cgi/enroll/personal/step1.exe formally began to apply, this process takes 7 steps, patience, slowly. If you have any questions, you can also go through the "How to register" under "Personal certificates" in the left-hand navigation bar http://www.thawte.com/getinfo/products/ Personal/join.html to see exactly what needs to be done to get it done. (In addition, I began to use a 263.net mailbox to apply, but can not receive Thawte sent over the confirmation letter, then the success of Sina, in fact, this is not important, because this information can be modified in the future)

3, after completing the above step1~step7, you should go to your just fill in the mailbox to collect the letter, now should have a title "Thawte Mail Ping" Mail, if you do not receive immediately, just wait a few minutes to see, if the 24-hour confiscation, You need to reapply, the most likely cause of this failure is that you have provided an invalid email address, or the email address is not Thawte confirmed. An address Https://www.thawte.com/cgi/enroll/personal/step8.exe is provided in the received message, and it is clear that this is what will continue after STEP7, plus a set of confirmation codes " Probe "and" Ping ", in the STEP8 page to fill in the relevant data, it is recommended to use" copy "and" Paste "to complete the filling operation. Next is the confirmation of some personal information, and you can press "next" to continue the next step until the prompt is complete.

4, this time you need to collect mail again, this time should be a title "certificate requested" mail, also provides some instructions, you can pass http://www.thawte.com/certs/personal/ Wot/ttpintro.html link to the address where the request needs to be continued. In this page you can link "Personal certificate System" to http://www.thawte.com/getinfo/programs/personal/contents.html, and then link " LOGIN ' small icon to continue the operation. Actually, you can go straight to http://www.thawte.com/cgi/personal/. Contents.exe continue to operate, in this page before you need to enter your username and password, this user name is the STEP1~STEP7 you fill in the name of the mailbox, the password is also filled in the STEP1~STEP7 password. You should be able to see the "Certificate Manager" column in the left-hand navigation bar, click to expand, you can see that there are 3 items, in order: Request a certificate (apply for a certificate), View certificate Status (View certificate status) and revoke a certificate (revoke a certificate), you should now enter from "Request A certificate", and a bunch of options plus next, it should be done smoothly.

5, since you have applied, then go to see the mail now, haha, there is a letter called "Thawte Personal Cert Issued" mail, this should be no problem, sure enough, this letter provides a link: https:// www.thawte.com/cgi/personal/cert/deliver.exe?serial=123456, of course, only the form is like this, the serial number is certainly not the same, this page is clearly marked "Install Your MSIE Certificate ", there is a button prompts you to install, do not worry about security risks, this is a reliable site, the point of" Install your Cert "button, you need to go to this place to view your certificate: You now open ie" tool "->" Internet Options-> Content-> Certificate-> personal property page, there should be a certificate issued to "Thawte Freemail member", and you should be able to see your mailbox in the subject attribute of the Details property page of the certificate properties. , you can also see other attributes, such as the expiration of one year and so on. OK, it's done!

6, it is noteworthy that, if you use the WWW way to view the mail, the other side sent over the message with the certificate will have a certificate attachment, in addition you can not encrypt your mail.

=============================================================
7, the following is about how OutLook sends, receives digitally signed or encrypted messages.
(1) Send secure mail
As more and more people send confidential information through e-mail, it becomes increasingly important to ensure that documents sent in e-mail are not forged. It is also important to ensure that the messages sent are not intercepted or stolen by anyone other than the addressee.
By using the digital ID of Outlook Express, you can prove your identity in an electronic transaction, as if you were to show a valid document when you pay a cheque. You can also use digital IDs to encrypt messages to protect personal privacy. Digital IDs combine the S/MIME specification to ensure e-mail security.

(2) How does a digital ID work?
The digital ID consists of the public key, private key, and digital signature. When you add a digital signature to a message, you include a digital signature and a public key in the message. A digital signature and a public key are collectively referred to as "certificates." You can use Outlook Express to specify the certificate that you want to use when someone sends you an encrypted message. This certificate can be different from your signing certificate.
Recipients can use your digital signature to authenticate you, and you can use a public key to send you encrypted messages that must be read with your private key. To send an encrypted message, your address book must contain a digital ID for the recipient. This way, you can use their public key to encrypt the message. When the recipient receives the encrypted message, it can be read by using their private key to decrypt the message.

You must obtain a digital ID before you can send a digitally signed message. If you are sending an encrypted message, your address book must contain a digital ID for each recipient.

(3) Where can I get a digital ID?
Digital signage is issued by an independent authority. When you apply for a digital ID to an authority's WEB site, the authorization authority has a process to confirm your identity before issuing the identity. Digital IDs have different categories, and different categories offer different levels of credit. For more information, see Help on the licensing authority WEB site.

(4) How to verify the digital signature?
With undo checksum, you can verify the legality of a digitally signed message. When you make a checksum, Outlook Express requests information about the digital ID from the appropriate authority. The authority sends back the status information for the digital ID, including whether the identity has been revoked. The authority will monitor the certificates that have been revoked for reasons such as loss or termination.


(5) Set Outlook Express to use multiple certificates
By setting, you can have Outlook Express use a certificate when sending digitally signed messages, and another certificate when sending encrypted messages. Before you do this, you must obtain at least one certificate.
>> on the Tools menu, click Account Number.
>> Select the account you want to use for the certificate, and then click the Properties button.
>> on the Security tab, click Select to pick the type of certificate you want to use.

(6) Get the digital ID and add it to the mail account
To send digitally signed messages, you must first obtain a digital ID. When you send the first digitally signed message, Outlook Express automatically adds your digital ID to the mail account.
In a new mail window, select a digital signature from the Tools menu.
Compose and send the message.
When you send a message, Outlook Express searches on your computer to find a valid digital ID with the same e-mail address and add it to your mail account. If more than one valid digital ID is found, you must select one from it to add to the account.

Trick
To correctly use a digital ID, the address of the digital ID's e-mail message must match the address of the mail account. If you have multiple mail accounts, you must prepare a separate digital ID for each account that you want to use to send secure messages.

If you set up a different reply address (which can be set on the General tab in the Account Properties dialog box), the recipient of the message will not be able to reply you to the encrypted message with your identity. When you send a secure message, your reply address must be the same as the account number used to send the digitally signed message.

(7) Reading messages with digital signatures and/or encryption
You can read messages with digital signatures and/or encryption as you would any other message. When you first open or preview a message with a digital signature and/or encryption, Outlook Express displays the help screen.
If you receive a security message that is in question, such as if the message has been tampered with or the sender's digital ID has expired, you will see a security warning that details the problem before being allowed to read the message content. Depending on the information in the warning, you can decide whether to view the message.
After you send digitally signed messages to your contacts, you can read their encrypted messages by reading regular mail.
In addition, when you receive a digitally signed message, if you do not already have a digital ID for the sender, it is automatically added to your address book.

===================================================================
Have you found any of this pretty good writing about Outlook? Oh, of course not I wrote it, is from the help of Outlook copy down:
If there is no clear place, send me an e-mail, but it is better to take this process as an English learning process well. (Author: Aladdina)