Re: secure email
From: Ralph A. Jones (rajones_at_SPAM_ME_NOT_AT_tconl.com)
Date: Fri, 24 Oct 2003 00:05:57 -0500
Jamie Briant wrote:
> I've got this email which has been digitally signed, so I have the guys
> public key. I want to send an encrypted email back. But, outlook wont let me
> because *I* dont have a certificate. Is this outlook, or will Mozilla,
> Eudora, etc all do the same thing? Is it the whole protocol: it wont let you
> use someone elses public key unless you have a key of your own? Seems a
> great way to make sure that no-one adopts secure email if you ask me.
I have been an email encryption advocate since the DOS PGP days when
Phil Zimmerman (the author of PGP) was still being sued by the Justice
Department for providing military-grade encryption to the masses (and,
unfortunately for Phil, enemies of his home country the United States).
In my experience over the years it has been proven to me over and over
again that it takes a true geek/paranoid (of which I am proud to call
myself) to "buy into" email encryption. Your average, Joe Blow user
could hardly be less interested in email encryption because: a) it adds
two or three clicks to processing email, whether you are using PGP or an
S/MIME-enabled email client like O/OE; or, b) obtaining and installing a
digital certificate or generating a PGP key set is beyond the computer
capabilities/interests of most.
Your friend appears to have joined the relatively small community of
geek/paranoids. I invite you to join us. As others have suggested, you
can pick up a Thawte certificate for free (http://www.thawte.com -- even
though their "public trust" or "notary public" system probably inhibits
Last time I checked (although this may have been changed in the most
recent version), Netscape verions 6.x/7.x (Mozilla iterations) did *NOT*
properly support S/MIME.