Solved

Email Encryption

Posted on 2014-01-13
Last Modified: 2014-02-03
I'm having a problem working with digitally signed email messages.  I'm using the free cert from Comodo.

Instructions from Comodo indicate that I should save the signed address to my address book.  That seems to be the problem. I've tried this saving process from Windows Live email, and Outlook 2010.  I don't believe I'm saving the cert as it should be saved.  Anyone know what I'm skipping here?

So far, I can send signed email messages, but I'm still working on the requirements for sending an encrypted message.

I corrupted the contact in the Windows Live address book.

Then over in Outlook 2010 there's no indication that the contact is signed, although the original message is clearly signed.

The end user is on a POP3 account and wishes to send encrypted messages with encrypted attachments.

Please advise.
Question by:kengreg

Expert Comment

by:Dave Howe
ID: 39777137
You can't send an encrypted message using your own key.

The way it works is this. With the PRIVATE key for a certificate, you can decrypt encrypted messages sent to that certificate, and send signed messages to other recipients (which usually will also include the certificate).

With someone else's CERTIFICATE (which contains the public key) you can encrypt messages to the person or persons named in the certificate, and verify signed messages from that person.  Again, usually the signed message will include the certificate, which means if you receive a signed message, you can store the certificate locally and use it to send encrypted messages to that person, and you don't already have to have a copy to verify with.

So, what you need is a correspondent who also has a certificate. You should send them an unencrypted, but signed message; they should reply to that signed message with an encrypted, signed message, and you can then reply to THAT with an encrypted, signed message to them.

Does that make sense?

You can also send them your certificate out of band or by attachment, but that doesn't matter - the idea is to get your certificate to them, so that they can reply to you with encryption turned on, and that is easiest if you send a signed message.

Author Comment

by:kengreg
ID: 39777180
DaveHowe,
My question was about Comodo's instructions, specifically saving the signed address to Contacts.

You did provide an alternate solution with out of band sharing of the cert. What is the path and file extension?

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 39777298
Normally, receipt of a signed email will offer you the option of importing it to the local store - that assumes you are using local email rather than webmail of course.

For out of band sharing, you will want to send the dot-CER file to your intended correspondents - for many email clients, they can import that just by double clicking it in Windows or Linux; some other clients may need you to manually import it.

Assuming you generated your certificate request to Comodo in Outlook or via Internet Explorer, the CER file you got back from Comodo can be made active by simply double clicking it.  The secret file should ALREADY be in the keystore (this is also true of Chrome, for technical reasons; with Firefox, there is a different process).

What file do you have now, and what instructions in particular are you having problems with?
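The exchange described in the two expert answers above, as an added example that is not part of the original thread: a signed message carries the sender's certificate, the recipient saves it as a .cer file, and that file is all that is needed to encrypt a reply. It uses the `openssl smime` command line; the names alice and bob, the example.test addresses, the file names, and the throwaway self-signed certificates (standing in for CA-issued ones) are assumptions made for the demo.

```shell
#!/usr/bin/env bash
# Constructed demo: two throwaway self-signed certs stand in for CA-issued S/MIME certs.
set -eu

smime_roundtrip() {
  d=$(mktemp -d)
  (
    cd "$d"
    # Each party holds a private key (.key) and a certificate (.pem) carrying the public key.
    for who in alice bob; do
      openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$who/emailAddress=$who@example.test" \
        -keyout "$who.key" -out "$who.pem" 2>/dev/null
    done

    # 1. Alice signs with her PRIVATE key; her certificate is embedded in the message.
    printf 'hello bob\n' > hello.txt
    openssl smime -sign -in hello.txt -signer alice.pem -inkey alice.key \
      -text -out signed.eml

    # 2. Bob verifies the signature and saves the embedded certificate to a .cer file.
    #    -noverify skips chain validation only because the demo cert is self-signed.
    openssl smime -verify -in signed.eml -noverify \
      -signer alice_from_mail.cer -out /dev/null 2>/dev/null

    # 3. Bob encrypts his reply to Alice's CERTIFICATE; no private key of hers is involved.
    #    -binary keeps the content byte-for-byte (no LF -> CRLF rewriting).
    printf 'secret reply\n' > reply.txt
    openssl smime -encrypt -aes256 -binary -in reply.txt \
      -out encrypted.eml alice_from_mail.cer

    # 4. Alice's private key opens the reply; Bob's own key and cert must not.
    openssl smime -decrypt -in encrypted.eml -recip alice.pem -inkey alice.key
    if openssl smime -decrypt -in encrypted.eml \
         -recip bob.pem -inkey bob.key >/dev/null 2>&1; then
      echo "UNEXPECTED: bob decrypted"
    else
      echo "bob-cannot-decrypt"
    fi
  )
  rm -rf "$d"
}

smime_roundtrip
```
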

Author Closing Comment

by:kengreg
ID: 39829942
The end-user was too busy to follow-up.  This request for encrypted mail will go on the back burner until it's an emergency.

Thanks for the advice.  I was trying to use all of the Comodo default instructions, and I wanted to provide a checklist that non-technical people could follow.

When I looked at the cert store I alienated the end-user.

The end-user is perfectly happy to pay the Comodo fee, but the trial didn't work.

Clearly the problem is with Windows Live mail.  I suspect two current Outlook clients can trade signatures and certs and allow for automatic installation.