In the last article, I discussed digitally signing documents in Adobe Acrobat 4.0. This month, I’ll show you how to use the same digital certificates in Microsoft Outlook 2000 to both sign and encrypt your e-mail, thus protecting your PDF files in transit.
Signed, sealed, but not safe
We now have the ability to digitally sign our PDF files, but this only proves that we officially gave the document our John Hancock and that the contents have not been altered since (authentication). More importantly in the legal world, it also means that we cannot deny responsibility for the document at a later stage ? for example, in contracts, negotiations, and other legal correspondence (non-repudiation).
However, in a world where much of our electronic communication is sent via e-mail over the Internet, we need to be concerned about strangers and third parties having access to confidential information. Signing a document doesn’t protect or hide the content — it’s still available for the world to see, especially if you use an unsecured e-mail to deliver documents. You need to encrypt your messages for real protection.
Lock it up and keep the key
First, we need a way to digitally sign our e-mail. That is, we need a system that will let a recipient be confident that we did author and send the e-mail. Furthermore, we need the capability to encrypt our e-mail message and all of its attachments (including our digitally signed PDF documents) to prevent them from being viewed by prying eyes.
So let’s look at how to actually implement this in a common e-mail package, Microsoft Outlook 2000. While I’m using Outlook in this example, the techniques and principles apply to most modern e-mail systems, although, of course, the menus and toolbars will be different.
Before we continue, make sure you have a personal digital certificate as supplied by VeriSign. For details on how to acquire one, see last month’s column. Make sure that you’ve signed a PDF file, and that it’s saved in a convenient location.
Installing your personal digital certificate
To install your digital certificate within Microsoft Outlook:
- Fire up the Microsoft Outlook 2000 client.
- Choose Tools Options Security.
- Click the button called Setup Secure E-Mail.
- Give the security settings a name; your name will do nicely.
- Click the Choose button and select your digital certificate. Click OK.
- That’s it. Click OK to close the dialog box.
You now need to turn on the buttons that let you access the encryption features. To turn on the security tool buttons:
- Select View Toolbars Customize.
- Scroll through the categories and click Standard.
- Now scroll the command window to the very bottom. You’ll see two entries: Encrypt Message Contents and Attachments and Digitally Sign Message. (See the screenshot below if you’re having trouble locating these.)
- Drag and drop each of these onto your standard toolbar in Microsoft Outlook.
Sign and seal
Sending a digitally signed message is easy: Compose your message, and then click the Digitally Sign Message tool button (it’s the one with an envelope-and-a-little-red-ribbon). Click Send, and you’re done.
Sending an encrypted message requires a few more steps. If you are going to send an encrypted e-mail to a colleague, then you need his or her public certificate (this contains an individual’s public key). The simplest way to get it is to have the colleague send you a digitally signed message (by default, when you send a signed message it also attaches a copy of your certificate).
After you have received the message, click Reply, and then click the Encrypt Message Contents and Attachments button (it’s the mail-message-with-a-little-blue-padlock button). Click Send, and that’s it. Your message and its attachments will now be scrambled, and no one other than the addressee can unscramble it.
If you need to do this on a regular basis, then you should add the recipient to your Contacts folder. That way, you’ll have the option of sending an encrypted message anytime it’s required.
Where to from here?
Does this seem convoluted? It is a little, but rest assured, it’s only going to get easier. For now, a little practice will help you get comfortable with this e-business solution. So why don’t you send me a digitally signed message? I’ll reply with a signed message (and my certificate). Then you send me an encrypted message. Don’t forget to include that signed PDF file you had standing by.