Digitally Signed E-mail

I am currently exploring e-mail certificates again in the wake of Thawte ending the Web of Trust. E-mail certificates are useful for two reasons. They provide for digital signatures and encryption.

A digital signature ensures that what the recipient receives is what I sent. It also means that I cannot claim that I did not send the message ensuring non-repudiation.

Encryption ensures that only I and the recipient can see the message.

Without e-mail certificate and the encryption and digital signature capabilities they bring, e-mail is about as good as a postcard. Postcards are easy to forge and certainly are not very private. An e-mail certificate is similar to the seal used by a medieval king. He holds the only seal so a letter sealed with it can be reasonable assured to have actually come from the king.

Right now, I am looking mostly at Comodo and Verisign.

Leave a Reply

Your email address will not be published. Required fields are marked *