1 Encryption Guide version 1.2, by Thomas Reed In order for two people to send and receive encrypted s to/from each other, both parties need: An reader that supports encryption (such as Thunderbird or Mac Mail.) A security certificate of your own A security certificate for the person you are sending to Thunderbird Mail The purpose of this document is to explain the purpose of these certificates and how to obtain them, since they are the key to encrypting . A certificate comes in two parts: a private key that is kept on your computer and is not meant to be shared with anyone and a public key that you give to anyone you like. Anyone who has a copy of your certificate s public key can send you encrypted . That person does not even need to have a certificate of their own just to send the . An message that has been encrypted with your public key can only be opened by you, using your private key. (Don t worry, most of this happens behind the scenes... you don t have to think about the certificates much or what is being done with them, but you should understand what is going on.) Certificates can also be used to sign messages, verifying that you wrote them and that the contents of the have not been tampered with. This is less important for most people, but since signing an attaches a copy of your public key to the , signing messages turns out to be an extremely easy way to give someone a copy of your public key. (More on this later!) Certificates are issued by companies called certificate authorities, which is meant to provide some level of trust that your certificate really belongs to you, and not to someone pretending to be you. Most certificate authorities charge a fee for certificates, but free alternatives do exist. The one we are going to be using is a company called StartSSL. The process of getting a free certificate from StartSSL takes about 5-10 minutes and is not very difficult. The following instructions assume you are using Firefox, which is available free for both Mac and Windows. If you use a browser other than Firefox, there will be steps in these instructions where you re going to have to figure things out on your own.
2 Step 1: Go to in Firefox. Step 2: Click on Easy Enrollment. Step 3: Fill in all the fields in the form and click the Continue button. If you have more than one address, use the one that you want to use to send signed and encrypted . Step 4: In the alert window that appears, click OK. Step 5: You might, after you click Continue, still see the form with an error message displayed at the top of the page that starts We were not able to verify your address! If this happens, wait 5 minutes (really 5 minutes, not just until you get tired of waiting!) and repeat steps 3 and 4 again. Note that you will need to re-enter your phone number, but all the other fields should still be okay. Step 6: When you see the screen titled Complete Registration, check your . You should find a message titled Your Authentication Code. Open that and select the code (a series of random-looking letters following the text Your authentication code is ). Then paste the code into the field in Firefox (highlighted below) and click Continue.
3 Step 7: Make sure that the pop-up menu reads High Grade (it should already, but if it doesn t, change it), then click Continue. Step 8: Wait. Step 9: Click Install. Step 10: Wait again. Step 11: On Windows, choose Options from Firefox s Tools menu. On a Mac, choose Preferences from the Firefox menu. Step 12: Click the Advanced button, then click the Encryption tab and finally click the View Certificate button. Step 13: Select the certificate and click the Backup button.
4 Step 14: Save the certificate on your desktop, so that it will be easy to find. (You won t need the file long, and will delete it shortly, so there s no need to seek out a more long-term home for it.) Name it whatever you like, though something like certificate would make sense. Step 15: Enter a password, typing it in both fields. Make sure that it is a password you will remember, as you will need it whenever you want to sign an e- mail or open an encrypted . Once you finish, click OK. (If you can t click OK, that s because the two passwords you typed don t match.) At this point, you have a working certificate saved to your desktop, as well as installed in Firefox (where it really isn t going to do you any good). You can now close all the open Firefox windows. The next thing you need to do is get things set up so that you can use the certificate in your e- mail. How you do this depends on whether you use Mac or Windows and what client you use. The following instructions will help you install the certificate in Thunderbird on Windows and in the keychain for use with Mail on a Macintosh.
5 Installing a certificate in Thunderbird on Windows Step 1: Open Thunderbird. Step 2: From the Tools menu, choose Account Settings. Thunderbird Step 3: Select Security in the list on the lefthand side and then click the View Certificates button near the bottom of the window. If necessary, click the Your Certificates tab in the window that appears. Step 4: Click Import and select the certificate file that you already created on the desktop. Step 5: Some versions of Thunderbird will prompt you for a new password at this point. This is not necessarily the same password as the one you specified in Step 15 in the previous page, though it can be. Step 6: When asked for the password used to encrypt the backup certificate, enter the password from Step 15 on the previous page. Step 7: Still in the Certificate Manager window, click the Authorities tab. Scroll down to StartCom Ltd, then select the item underneath it named StartCom Certification Authority. Click Edit. Step 8: Check the box that says This certificate can identify mail users. and click OK. (In newer versions of Thunderbird, this may already be checked.)
6 Step 9: Some versions of Thunderbird require you to manually select which certificate to use. Close the Certificate Manager window, and in the Account Settings window (where you originally clicked the View Certificates button), you ll see a box labelled Digital Signing. In that box, click the Select button. Step 10: In the next window, make sure your StartSSL certificate is selected in the pop-up menu at the top of the window. (It will be by default if you don t have any other certificates.) Click OK. That s all there is to it! You can close the Account Settings window and can move the certificate file from your desktop to the recycle bin. To sign or encrypt a message, simply create a new message and use the Security button in the toolbar of the new message window. Click and hold on the arrow on the right side of the button to open a pop-up menu.
7 Installing a certificate on a Macintosh Step 1: Open the Keychain Access application, found in the Utilities folder that is in the Applications folder. Step 2: Choose Import Items from the File menu. Step 3: Select the certificate file that you already created on the desktop. If you have created additional keychains, make sure the Destination Keychain pop-up is set to the keychain in which you want the certificate stored. If you have not, make sure Destination Keychain is set to login. Then, click Open. Step 4: If Mail is running, quit it and then start it up again. This will make it recognize the new certificate. That s all there is to it! You can quit Keychain Access and can move the certificate file from your desktop to the trash. To sign or encrypt a message, simply create a new message and click the lock button to encrypt or the badge button to sign.
8 How to use your new certificate Now that you ve got your certificate installed and you know where the controls for encrypting and signing messages are found, you need to know a few things about how to use your new certificate. First, in order for someone to send you an encrypted message, you must first send them your certificate s public key. To do that, you must send that person a signed message. This attaches a copy of your public key to the message. When that person receives your message, assuming they are using an appropriate reader, your public key will be remembered and automatically associated with your address. From that point on, that person can send you encrypted . Second, note that you can sign any message, but you can only encrypt a message if you have a certificate for everyone you are sending it to. For example, suppose you know that John Smith has sent you his certificate but Jane Doe has not. You will be able to send an encrypted to John, but not to Jane. You also will not be able to encrypt a message if you are trying to send it to both John and Jane. However, if you also have a certificate for Bob, you can send an encrypted message to both John and Bob. If you need to send encrypted to someone who does not work at KidsLink, feel free to give them this guide so that they can get their own certificate. If you have questions or comments about this guide, please let me know. Thomas Reed
Outlook Web App User Guide Outlook Web App (OWA) is the new version of the webmail system that enables you to access your email from home, or wherever you have an Internet connected computer. There are
OET Cloud Services Getting Started Guide Introduction OET Cloud Services uses Google Drive to let you store and access OET files anywhere -- on the web, and access them on your PC, or on any device connected
COMvantage Solutions Presents: Version 3.x Cloud based Document Management Guide to Setting up Docs2Manage using Cloud Services Docs2Manage Support: Email: firstname.lastname@example.org Phone: +1.847.690.9900
Tips and Tricks for increasing your efficiency in Microsoft Outlook 1. Creating and managing folders Creating and managing folders in Outlook can help you keep track of important emails/ information and
Citi Secure Email Program Receiving Secure Email from Citi For External Customers and Business Partners Protecting the privacy and security of client information is a top priority at Citi. Citi s Secure
Powered by Table of Contents Web Mail Guide... Error! Bookmark not defined. 1 Introduction to Web Mail... 4 1.1 Requirements... 4 1.2 Recommendations for using Web Mail... 4 1.3 Accessing your Web Mail...
CommuniGate Mail Archiving and Cleanup with Outlook 2007 Some users are hitting quota limits in CommuniGate e-mail accounts. In other words, there are too many e-mails in their account folders on the server.
CenturyLink Smart IP Hosted Voice and Data Administrator Guide Document ID VPM5310002 October 1, 2009 TABLE OF CONTENTS 1. Introduction... 6 1.1 Purpose of this Guide... 6 1.2 Other Guides... 6 1.3 Phones
Installation / Backup \ Restore of a Coffalyser.Net server database using SQL management studio This document contains instructions how you can obtain a free copy of Microsoft SQL 2008 R2 and perform the
Getting Started Guide Cloud Server powered by Mac OS X Getting Started Guide Page 1 Getting Started Guide: Cloud Server powered by Mac OS X Version 1.0 (02.16.10) Copyright 2010 GoDaddy.com Software, Inc.
Archiving and Managing Your Mailbox We Need You to Do Your Part We ask everyone to participate in routinely cleaning out their mailbox. Large mailboxes with thousands of messages impact backups and may
Enterprise Vault Users Guide Enterprise Vault Email Archiving System What is Enterprise Vault? Enterprise Vault (or EV) is a Symantec archiving solution that DII is rolling out for all users of the Enterprise
CHAPTER Managing Outlook Folders In this chapter Understanding How Outlook Stores Information 40 Using the Navigation Pane and Folder List 44 Using and Managing Folders 52 Understanding Folder Properties
End User Guide Hosted IP-PBX Phone System Polycom Model 650 - Handset Business Voice Systems Metro Connection Services Commercial DirecTV Managed Services Data Center Business Voice Systems Metro Broadband
NearPoint email Archive and Retrieval System Welcome to our email archive system, NearPoint from Mimosa. With this RPS Archive system keep in mind, you will still be using Outlook as you always have. Here
Getting Started with SharePoint Online for Small Business By Robert Crane Computer Information Agency http://www.ciaops.com Terms This Guide from the Computer Information Agency is provided as is. Every
Trust Library Services http://www.mtwlibrary.nhs.uk http://mtwweb/cgt/library/default.htm http://mtwlibrary.blogspot.com KNOW HOW: Outlook Using Microsoft Outlook Guide for using E-mail, Contacts, Personal
Sending Email on Blue Hornet STEP 1 Gathering Your Data A. For existing data from Advance or Outlook, pull email address, first name, last name, and any other variable data you would like to use in the
Managing Mailbox space and Using Personal Folders Based on documentation developed at the University of Iowa Revised for Iowa State University Extension August, 2005 ISU 100 EIT Bldg Iowa State University
Adobe September 16, 2014 Step-by-Step Guide to Publishing ipad Apps with DPS, Single Edition Page In this guide Legal notice.... 3 Introduction... 4 A checklist for building your first app... 5 A checklist
Microsoft Office Live Meeting User Guide Setting up Microsoft Office Live Meeting The Live Meeting Manager is a web based tool that helps you manage Office Live Meeting tasks from scheduling and joining
Cox Business Premium Online Backup USER'S GUIDE Cox Business VERSION 1.0 Table of Contents ABOUT THIS GUIDE... 4 DOWNLOADING COX BUSINESS PREMIUM ONLINE BACKUP... 5 INSTALLING COX BUSINESS PREMIUM ONLINE
MyTax Illinois Help General use information... 5 Install Adobe Reader... 5 Enable Pop-ups in My Browser... 5 Determine Your Current Browser... 6 Change Browser Font Size... 6 Browsers that You Can Use...
How to import Email Data from Outlook 2007 in standalone mode to your Pushex Exchange mailbox Moving to a Hosted Exchange mailbox from using Outlook in standalone mode has many advantages, here are 3:-