This includes two functions:
| • | The encryption of messages so they can only be read by the intended recipient(s) |
| • | The signing of messages to confirm the identity of the sender. |
This uses the system of Security Certificates built-in to Windows.
Any attachments sent with a message will also be encrypted.
On This Page
Obtaining and installing your own Certificate
A number of organisations provide these, usually for a fee.
A free certificate can be obtained from this site. NOTE that at the time of writing this will only work with Internet Explorer Version 6, no other browser.
Organisations that charge a fee will usually take steps to confirm your identity, so the certificate will show exactly who you are.
The free certificate above does not confirm who you are, but will confirm that communications using it will have come from the same person.
See the Help for your version of Windows for how to install the certificate on your machine.
Your certificate will consist of both the Public Key and the Private Key.
NOTE that certificates work on an email address - if you use more than one you MUST obtain a certificate for each of them in order to be able to use these addresses.
Obtaining the Public Keys of other people.
This is simple - just ask them to send you a signed message, which will include their Public Key.
Look in the Information Bar above the Quick Viewer and you will see a special icon:
Click on the special icon to inspect and/or install the certificate.
Now you can send encrypted messages to that person.
NOTE that you MUST have your own personal certificate installed to send encrypted messages - each message is also (automatically) encrypted using your Public Key so that you will be able to access it in the future.
You MUST have your own certificate installed to sign messages.
Start a new message, or a reply, and click the 
button before sending. The recipient will be able to verify it as your Public Key will be sent too (in case they don't have it already).
You MUST have the Public Key for the recipient's email address installed, in order to encrypt messages. You must also have your own certificate installed, as messages will also be encrypted using your Public Key so that you can access them in the future - this will require your Private Key.
Start a new message, or a reply, and click on the 
button before sending.
Any attachments sent with a message will also be encrypted.
The Mechanism of Signing and Encryption
This uses dual keys: a Public Key that can be made available to anyone, and a Private Key which is only accessible to its owner - it will be installed on their computer.
These have a complex mathematical relationship and are (theoretically) unique and it is impossible (theoretically) to guess one from the other. Only the possession of one allows the access to information encoded with the other.
A message is encrypted using the Public Key of the recipient - only that person will have the corresponding Private Key to decrypt it.
A message is signed using the Private Key of the sender (who is the only person with access to it), and when analysed by the recipient using the sender's Public Key, the identity of the sender will be confirmed.