F. Reinbold Technical and Patent Translations
     Accurate IP & technical translations
  About
  References
  Confidentiality
  Security
  PGP key
  Prices
  Payment
  Links & tips
  Contact me

 

Signing and encrypting

Although very convenient, email and the Internet offer little guarantee as to the integrity of your communications and the identity of your correspondents. It is very easy to send emails in somebody else's name or to intercept them as they transit through a number of unknown computers. Emails are not any safer or confidential than typed postcards and should be treated as such.

Therefore, I offer the option of exchanging emails and documents with electronic signature and/or high-level encryption with S/MIME or PGP, the two main solutions in secure messaging. Some software such as Adobe Acrobat include similar capabilities. Using S/MIME or PGP allows you to:
• check the identity of your correspondent
• ensure messages and documents have not been altered after being sent
• exchange encrypted messages and documents

S/MIME capabilities come preinstalled on common email software such as Microsoft Outlook (Express) or Netscape products and allow you to check S/MIMED signed mail. One important point is that you will first need a certified digital identification (digital ID) before signing or encrypting mail.
Digital ID's must be obtained from a recognized Certification Authority (CA). After checking your identity carefully, the CA of your choice will deliver a certified digital ID. Your correspondents may then check your identity as approved by your CA.
A digital ID may be obtained for free from Thawte after physical identification by several notaries of the Thawte Web of Trust. Major CA's such as Verisign, Entrust, Geotrust or GlobalSign are compared on WhichSSL.org and the PKI-page.org.

PGP/GPG allows exchanging signed and encrypted messages with any PGP-compatible software. PGP does not request a certificate from a recognized CA to function. It does however support common X.509 certificates for checking the identity of your correspondent. Not using CA certificates introduces a security hazard at the original key exchange only, when you must trust the identity of your correspondent. PGP additionally allows you to sign and encrypt files, folders or partitions on your computer for internal security.
PGP is available as GPG free software. Consider using Mozilla as your Internet browser and email client, as it offers the GPG Enigmail module with GnuPG. Installation takes three steps but the result is outstanding.
www.PGP.com offers commercial software that integrates smoothly into common messaging programs such as Outlook, Outlook Express, Eudora, Entourage and Apple Mail.

S/MIME and PGP both make use of Public Key Encryption (PKE). PKE encryption involves two complementary components forming a key pair:
• a private key that you preciously keep and hide; and
• a public key that you widely show and distribute.
The private and public keys work together as two pieces of a puzzle. Combining the output of both public and private keys is needed to check a signature or decode a document.

You will find my PGP public encryption key here.

Besides S/MIME and PGP, I will upon request also make use of software specific encryption

such as available in Adobe Acrobat.

F-Secure Anti-Virus
PGP Secure Mail
PayPal Online Payment
© copyright 2003 F.Reinbold
All rights reserved
  *This site has not been translated to German yet.
     However, translations from German to French are offered.