RE: PGP and Outlook
From: Brian A. Reiter (breiter_at_wolfereiter.com)
To: <firstname.lastname@example.org>, <email@example.com> Date: Fri, 14 Jan 2005 22:47:42 -0500
> Outlook supports digital IDs from Geotrust and Verisign,
> but I would like to find something that will let our students
> participate in using the digital signatures without having to
> pay for one and with the adjunct faculty we hire on a per
> semester basis, the benefit of using digital signatures would
> be overcome by the cost.
MIT provides a free version of the commercially licensed PGP for Win32
[http://www.pgp.com]. I have tried the MIT PGP 6.5 distribution (which
includes a plug-in for Outlook) [http://web.mit.edu/network/pgp.html] but it
did not work properly unless the login account on the Windows box is a
member of the Administrators group.
I also tried the GNU Privacy Guard (GPG) plug-in for Outlook
[http://www3.gdata.de/gpg/download.html] which depends on GPG for Win32
[http://www.gnupg.org/(en)/download/index.html]. This plug-in simply didn't
work for me at all and the user interface was broken, perhaps also not
designed to run as a non-admin.
On the other hand S/MIME support is built right in to Outlook and most other
email clients. The problem is the cost of having a trusted certificate
authority generate keys for the client. I have found Thawte Freemail "web of
trust" to be a good solution. Perhaps it will work for your situation.
Thawte will issue S/MIME certificates free-of-charge. Basic certificates are
free and only certify the email address. There is a web-based personal
certificate manager for revoking and issuing new certificates.
There is also a mechanism for acquiring an account that identifies a real
identity instead of just an email address, but it requires that an applicant
be certified by other previously certified account holders in his/her
location. Hence, "web of trust". In practice, this is a lot of rigmarole and
I wonder how useful for most applications.
Brian A. Reiter
WolfeReiter, LLC [http://www.wolfereiter.com]
- application/x-pkcs7-signature attachment: smime.p7s