• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 545
  • Last Modified:

Symantec PGP and signing email

I have symantec PGP in place. Encryption works fine. There is also an option to sign email but at the moment when I send a signed email it just has a series of numbers at the bottom. I believe a cert will need to be bought some where along the way I'm just not sure if this is one cert for the entire org or individual certs. Can someone that is using this fill me in on their experience
0
Sid_F
Asked:
Sid_F
  • 2
  • 2
1 Solution
 
Dave HoweSoftware and Hardware EngineerCommented:
Signing is the reverse function of the decryption key - so any user able to decrypt messages, should be able to sign, and any user able to encrypt messages, should be able to verify a signature.
0
 
SebastianAbbinantiCommented:
With the normal PKI Process, others will encrypt messages with your public key, and you will decrypt them with the private key. The signing process is the opposite. You will included a signature (containing a hash of the original email), encrypted with your private key. The email is sent with your certificate, public key and signature attached. The email itself can be encrypted or sent in plain text.

The signature will be decrypted with your public key. The hash is revealed and compared to a new hash of the message. If they match, the message was not altered. This provides integrity protection. Non-reputation is provided if the certificate is signed by a trusted authority.

Thanks,
S.
0
 
Sid_FAuthor Commented:
Ok is this crazy for me to thing that I should be able to buy a cert from someone like verisign, use this to sign specific emails leaving the company using symantec PGP, then when the external recipient (external company) on the other end receives the email they should be able to see the mail is legitimate as they have the verisign CA. A similar analogy would be a user going to a secure website, as they have the root CA they can verify the cert is good an in date etc. With this in mind can you give me some ideas
0
 
SebastianAbbinantiCommented:
No crazy at all. That is exactly how it works. Comodo offers one.
http://www.instantssl.com/ssl-certificate-products/free-email-certificate.html

Thanks,
S.
0
 
Sid_FAuthor Commented:
Ok but does this work being deployed and controlled by symantec PGP server, thats the tricky part
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now