Benjamin Juang (ibneko) wrote,
Benjamin Juang

X.509 certificates...

via fbartho:

It covers mail encryption and/or digital signing.

The link is actually a bit out of date though, but the process is pretty painless. Just head over here:
And then click on "Join".
You'll go through a process of e-mail verification, then information gathering (not that much personal stuff, but you'll need to give them 5 questions for later verification, should you lose/forget your password). Note that they don't gather a phone number, so you _should_ go back and add that in afterwards, so they can call you for lost-password retrieval.

Once that's complete, request a certificate, and if you're running in Safari and using Mail, it's very easy. As soon as your certificate is ready, they'll send you an e-mail. Click the "Fetch" button, and it'll download (an .exe file, yes, I know. Just click "Download"). Keychain Access will pop open. Select "Keys", and you should see a "Key from". Double-click on the private key, and select the "Access Control" tab, then change it to "Confirm before allowing access" and check the "Ask for Keychain password". This way, if you lose control of your computer, people can't just sign e-mails with your key, without your keychain password. Which... should be ok, unless people get control of your keychain password.

Eh, well, so the last bit is actually up to you. Once it downloads, you're all set to send e-mails.

Mail me. :) I'm at ben.juang //at//
Tags: security

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded