Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computer Certification > MCDST > Encrypting / Digitally Signed Emails

Reply
Thread Tools

Encrypting / Digitally Signed Emails

 
 
RemoteShark
Guest
Posts: n/a
 
      04-07-2007
In a company exchange or POP3 environment, to be able to successfully send an
an encrypted/digitally signed email to a recipient, would I need to send the
digital ID to the user first and they send me theirs first in order for
future emails to be successfully sent?

I have looked around, but thought to see if I could ask any wise people here!

RemoteShark
 
Reply With Quote
 
 
 
 
catwalker63
Guest
Posts: n/a
 
      04-07-2007
RemoteShark piffled away vaguely:

> In a company exchange or POP3 environment, to be able to successfully send an
> an encrypted/digitally signed email to a recipient, would I need to send the
> digital ID to the user first and they send me theirs first in order for
> future emails to be successfully sent?
>
> I have looked around, but thought to see if I could ask any wise people here!
>
> RemoteShark


Usually you would use public key encryption and send your public key.
Your recipient should send you their public key. You use the recipients
public key to encrypt the message and your private key to sign. They do
encrypt with your public key and sign with their private key. When
you receive a message, you decrypt with your private key and check the
signature with their public key. Clear as mud?
--

Catwalker
MCNGP #43
www.mcngp.com
"I have a gun. It's loaded. Shut up."

 
Reply With Quote
 
 
 
 
RemoteShark
Guest
Posts: n/a
 
      04-07-2007
hmmm... I think I got it.

So lets say their is a new company policy to encrypt all messages to a
company finance officer, but once staff start to send an emails being
encrypted to this person, they recieve an error. I would then have to
instruct the finance director to send his public key to all staff members in
order for them to be able to send encrypted email back to the finance
director?

I think i got it.
Sort of like an authenication in advance!?!?

RemoteShark

"catwalker63" wrote:

> RemoteShark piffled away vaguely:
>
> > In a company exchange or POP3 environment, to be able to successfully send an
> > an encrypted/digitally signed email to a recipient, would I need to send the
> > digital ID to the user first and they send me theirs first in order for
> > future emails to be successfully sent?
> >
> > I have looked around, but thought to see if I could ask any wise people here!
> >
> > RemoteShark

>
> Usually you would use public key encryption and send your public key.
> Your recipient should send you their public key. You use the recipients
> public key to encrypt the message and your private key to sign. They do
> encrypt with your public key and sign with their private key. When
> you receive a message, you decrypt with your private key and check the
> signature with their public key. Clear as mud?
> --
>
> Catwalker
> MCNGP #43
> www.mcngp.com
> "I have a gun. It's loaded. Shut up."
>
>

 
Reply With Quote
 
catwalker63
Guest
Posts: n/a
 
      04-08-2007
RemoteShark piffled away vaguely:

> hmmm... I think I got it.
>
> So lets say their is a new company policy to encrypt all messages to a
> company finance officer, but once staff start to send an emails being
> encrypted to this person, they recieve an error. I would then have to
> instruct the finance director to send his public key to all staff members in
> order for them to be able to send encrypted email back to the finance
> director?
>
> I think i got it.
> Sort of like an authenication in advance!?!?
>

If this is internal, you should be have a mechanism for your users to
aquire public keys. It's been a while since I messed with this so I'm
a. little fuzzy on the implementation details. You'll need some more
expert help if you're going to get into how to set it up.

You will need to decide if you are going to issue keys yourself or get
them from Thawte or Verisign. Are these keys going to be used only
internally or do people outslde your company need to send you
encrypted emails? Do you need just one or two certificates, or a whole
bunch?

As for authentication in advance, I'm not sure I follow you. The public
key cryptography structure allows you to both sign (to verify the sender
is who they say the are and the message hasn't been tampered with) and
encrypt (to protect the content) the message.

--

Catwalker
MCNGP #43
www.mcngp.com
"I have a gun. It's loaded. Shut up."

 
Reply With Quote
 
RemoteShark
Guest
Posts: n/a
 
      04-08-2007
I think I may have written this too difficult.

This scenario is only for internal purposes, I believe.

-----------------------------------------------------------------------------------------------
A new company policy requires all ofice users to send encrypted email
messages to the financial director. A digital certificate is issued by the
systems administrator for encrypting email messages. When the office users
try to send the emails to the financial director, they all get an error.
Would I need to instruct the financial director to send his digital
certificate to all office users so that the office users are able to send
encrypted email messages to the financial director or would I need to
instruct each office user to use EFS to encrypt each office users digital
ceritificate and instruct them to resend the email messages to the financial
director.
------------------------------------------------------------------------------------------------

Thank you in advance for your help!

RemoteShark


"catwalker63" wrote:

> RemoteShark piffled away vaguely:
>
> > hmmm... I think I got it.
> >
> > So lets say their is a new company policy to encrypt all messages to a
> > company finance officer, but once staff start to send an emails being
> > encrypted to this person, they recieve an error. I would then have to
> > instruct the finance director to send his public key to all staff members in
> > order for them to be able to send encrypted email back to the finance
> > director?
> >
> > I think i got it.
> > Sort of like an authenication in advance!?!?
> >

> If this is internal, you should be have a mechanism for your users to
> aquire public keys. It's been a while since I messed with this so I'm
> a. little fuzzy on the implementation details. You'll need some more
> expert help if you're going to get into how to set it up.
>
> You will need to decide if you are going to issue keys yourself or get
> them from Thawte or Verisign. Are these keys going to be used only
> internally or do people outslde your company need to send you
> encrypted emails? Do you need just one or two certificates, or a whole
> bunch?
>
> As for authentication in advance, I'm not sure I follow you. The public
> key cryptography structure allows you to both sign (to verify the sender
> is who they say the are and the message hasn't been tampered with) and
> encrypt (to protect the content) the message.
>
> --
>
> Catwalker
> MCNGP #43
> www.mcngp.com
> "I have a gun. It's loaded. Shut up."
>
>

 
Reply With Quote
 
catwalker63
Guest
Posts: n/a
 
      04-08-2007
RemoteShark piffled away vaguely:

> I think I may have written this too difficult.
>
> This scenario is only for internal purposes, I believe.
>
> -----------------------------------------------------------------------------------------------
> A new company policy requires all ofice users to send encrypted email
> messages to the financial director. A digital certificate is issued by the
> systems administrator for encrypting email messages. When the office users
> try to send the emails to the financial director, they all get an error.
> Would I need to instruct the financial director to send his digital
> certificate to all office users so that the office users are able to send
> encrypted email messages to the financial director or would I need to
> instruct each office user to use EFS to encrypt each office users digital
> ceritificate and instruct them to resend the email messages to the financial
> director.
> ------------------------------------------------------------------------------------------------
>
> Thank you in advance for your help!
>

You're going to need to get a certficates appropriate for encrypting
email from Thawte or a like service or set up your own certificate
services (which IIRC requires at least 3 servers, one offline, to be
secure) and issue them yourself. There will need to be a key exchange
between your office users and the financial director. EFS would be
appropriate to protect the private key of the key pair but you don't
need it for the public key -- everyone is supposed to have access to
that one. I think all the finance director should need to do is send a
message to each user, once the key is installed but I'm a little fuzzy
on the details, as I said.

I think the implemenation process is too lengthy and complicated a
process to nail down using a newsgroup and I, for one, am no expert. I
suggest you get a book or two on PKI.
--

Catwalker
MCNGP #43
www.mcngp.com
"I have a gun. It's loaded. Shut up."

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Convert a signed binary number into a signed one ? Rob1bureau VHDL 1 02-27-2010 12:13 AM
To implement amechanism for identifying the digitally signed mail is tampered or not. amitgupta4all Java 0 01-12-2010 08:05 AM
Verifying digitally signed data from a .NET application in a Java Servlet Kerry Sanders Java 1 09-17-2009 07:40 PM
signed(12 downto 0) to signed (8 downto 0) kyrpa83 VHDL 1 10-17-2007 06:58 PM
ipsec encryption vs SMB digitally signed communications M D MCSA 0 10-25-2006 09:54 PM



Advertisments