Secure E-mail Protects Your Privacy

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

by Gordon Black

When you scribble a postcard to your pals saying "Having a great time at the beach, wish you were here," you don't care who knows, right? E-mail functions like an electronic "postcard," which is just fine for most of your messages. But for a message to your bank explaining why your credit-card payment is late, you need the increased confidentiality of a tightly sealed "envelope" to keep out the peeping toms.

Outlook Express offers this virtual envelope in the form of two built-in security features: digital IDs and encryption. And while using e-mail does save you from the foul-tasting envelopes and trips to the post office, senders should still beware.

Your virtual passport

A digital ID is your passport for travelling through the Web: a unique means of proving that you are who you say you are. Like a real passport, a digital ID is issued by a third party that verifies your identity. (The level of verification varies from a basic screening to a more thorough check, depending on the type of digital ID you want. For more information, visit the Microsoft Security Advisor Web site at https://www.microsoft.com/security/default.mspx.)

A digital ID is made up of a private key and a certificate. The private key is a secret (and very, very large) number that exists only on your computer. By using this private key, your computer can generate a digital signature that seals your message with information (a series of numbers) affirming that it came from the one and only you.

In turn, a certificate contains a public key and identification data about the person who holds the private key: you. Certificates are freely distributed and are used to verify that a digital signature was valid and generated by the person who physically possesses the private key.

Better than your John Hancock

A digital signature provides more protection than a handwritten signature. The recipient of the message can verify that it was sent by you and that it wasn't modified in transit. While digital signatures can protect you from forgery, they don't prevent others from reading messages during transmission. To protect the content of an e-mail message from a snooper, you must encrypt it.

Keep out the snoopers

Like a spy from a James Bond movie, Outlook Express uses encrypted code to disguise your message. But before you can encrypt an e-mail message, you need the certificate for the person to whom you're sending the encrypted mail. Outlook Express uses the public key contained in the certificate to encrypt the message, making it unreadable while it is traveling on the Internet and readable only to the recipient with the private key.
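The signing and encryption behaviour described in the two sections above can be reproduced outside Outlook Express with the OpenSSL command-line tool's S/MIME support. This is an added example, not part of the original article; it assumes `openssl` is installed, and alice, bob, the example.test addresses and all file names are constructed placeholders.

```shell
#!/bin/sh
# Constructed demo of sign / verify / encrypt with OpenSSL's S/MIME tool.
# alice, bob and every file name are placeholders, not taken from the article.
W=$(mktemp -d)

# A digital ID = private key + certificate (self-signed here; normally CA-issued).
make_id() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=$1/emailAddress=$1@example.test" \
    -keyout "$W/$1.key" -out "$W/$1.crt" 2>/dev/null
}
# Sign with the sender's private key; the sender's certificate is attached.
sign_msg() { openssl smime -sign -in "$2" -signer "$W/$1.crt" -inkey "$W/$1.key" -out "$3"; }
# Verify against the sender certificate the recipient already trusts (the address book).
verify_msg() { openssl smime -verify -in "$2" -CAfile "$W/$1.crt" -out /dev/null 2>/dev/null; }
# Encrypt to the recipient's certificate: only the public key is needed.
encrypt_msg() { openssl smime -encrypt -aes256 -in "$2" -out "$3" "$W/$1.crt"; }
# Decrypt requires the private key that matches the recipient certificate.
decrypt_msg() {
  openssl smime -decrypt -in "$2" -recip "$W/$1.crt" -inkey "$W/$1.key" -out "$3" 2>/dev/null
}

make_id alice && make_id bob
printf 'My credit-card payment is late because...\n' > "$W/msg.txt"
sign_msg alice "$W/msg.txt" "$W/signed.eml"
sed 's/late/early/' "$W/signed.eml" > "$W/tampered.eml"   # modified in transit
encrypt_msg bob "$W/signed.eml" "$W/enc.eml"              # sign, then encrypt

verify_msg alice "$W/signed.eml"   && echo "signature valid"
verify_msg alice "$W/tampered.eml" || echo "tampering detected"
grep -q 'payment' "$W/signed.eml"  && echo "signed-only mail is still readable in transit"
grep -q 'payment' "$W/enc.eml"     || echo "encrypted mail is not"
decrypt_msg alice "$W/enc.eml" "$W/x.eml" || echo "wrong private key cannot decrypt"
decrypt_msg bob "$W/enc.eml" "$W/dec.eml" && verify_msg alice "$W/dec.eml" \
  && echo "bob decrypts, then verifies alice's signature"
```
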

Complex stuff, but easy to use

Even though the mathematics and programming behind encryption and digital signatures are complicated, using them is easy:

Important: Before proceeding to obtain and use a digital ID, you must first type a Windows password when logging on to your computer. Without use of the password, you will be unable to use the digital ID for digitally signing messages.

To obtain a digital ID, visit the Where to Get Your Digital ID site at https://office.microsoft.com/assistance/preview.aspx?AssetID=HA010547821033&CTT=6&Origin=EC010553071033, and follow the instructions on the screen. It only takes a couple of minutes.

  1. Get your digital ID from a third-party certifying authority, such as Verisign.

  2. In the main Outlook Express window, on the Tools menu, click Accounts.

  3. Select the mail account from which to send secure mail, and then click Properties.

  4. On the Security tab, select Use a digital ID when sending secure messages from.

  5. Click Digital ID.

  6. Choose a certificate.

  7. Now, each time you send a digitally-signed message, Outlook Express automatically includes the public-key portion of your digital ID (also known as a certificate).

To send a secured message, follow these steps:

  1. On the Outlook Express toolbar, click Compose Message to open a new message window.

  2. On the Tools menu, click Digitally Sign, and, if you want to make your message unreadable in transit, click Encrypt Message.

Book it

Almost done. Now, in order to receive secure mail, you must have the digital IDs of all recipients with whom you'll be exchanging encrypted messages.

To add digital IDs to your address book after receiving a digitally-signed message, follow these steps:

  1. Open the message.

  2. On the File menu, click Properties.

  3. On the Security tab, click Add digital ID to the Address Book.

You may often receive a digital ID for someone from a third party. You can check first at the Web site of Microsoft partner Verisign.

Note: The e-mail address you give to correspondents for secure mail must be the same as the one from which you send digitally-signed mail.

Import your friends

Who are your regulars? Digital IDs for your most frequent contacts appear with a red asterisk in your address book.

Note: The easiest way to get someone else's certificate is to ask him or her to send you digitally signed mail, and then add the person (and the certificate) to your Outlook Express address book. You can also check to see if an intended correspondent has a digital ID by visiting the Web site of Verisign at https://www.verisign.com, Microsoft's preferred provider of digital IDs. Check with your correspondent to find out if he or she has registered with another issuer of digital IDs.

After you have located the other person's digital ID, create a new entry for the contact or double-click an existing one in the address book list.

Then follow these steps:

  1. Click Properties, and then click Digital IDs.

  2. Click Import.

  3. Locate the digital ID file, and then click Open.