Remember, this is not specific to your email address alone... the METHOD you retrieve your email is equally important.

Similar documents
Encryption Guide version 1.2, by Thomas Reed

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Instructions For Opening UHA Encrypted

Alberni Valley IT Services Virtual domain information.

Secure transaction guidelines for external users with Commission personnel.

From a Finder window choose Applications (shown circled in red) and then double click the Tether icon (shown circled in green).

How to use encrypted in the WECI scheme.

This document provides a brief, end-user overview of the Cisco Registered Envelop Service which has been implemented by Sterne Agee.

User guide. Business

SECURE USER GUIDE OUTLOOK 2000

mystanwell.com Installing Citrix Client Software Information and Business Systems

How To Sync Google Drive On A Mac Computer With A Gmail Account On A Gcd (For A Student) On A Pc Or Mac Or Mac (For An Older Person) On An Ipad Or Ipad (For Older People) On

Encryption Recipient Guidelines

Here are the steps to configure Outlook Express for use with Salmar's Zimbra server. Select "Tools" and then "Accounts from the pull down menu.

Reading an sent with Voltage Secur . Using the Voltage Secur Zero Download Messenger (ZDM)

This information is provided for informational purposes only.

Secure Client Guide

UCIT Office of Information Security Standard Operation Procedure: HIPAA Privacy and Security Basics Training

Table of Contents. How to Disable or Partially Disable Pop-up Blockers

How To Use The Nvcc

DIRECT MESSAGING END USER GUIDE ALABAMA ONE HEALTH RECORD. Unify Data Management Platform 2012/2013 Software Build 5.15

Xythos on Demand Quick Start Guide For Xythos Drive

Setting up secure communication with Ericsson. Guideline for Ericsson partners

A Guide to using egas Lead Applicant

Setting up Channel-21 Secure RSS CEP on

Portal Recipient Guide

How do I Install and Configure MS Remote Desktop for the Haas Terminal Server on my Mac?

Recommended Browser Setting for MySBU Portal

How to install and use the File Sharing Outlook Plugin

Initial Setup of Mozilla Thunderbird with IMAP for OS X Lion

MICROSOFT OUTLOOK 2011 GETTING STARTED AND HELP RESOURCES

Djigzo S/MIME setup guide

Configuring your client to connect to your Exchange mailbox

Initial Setup of Mozilla Thunderbird with IMAP for Windows 7

Personal Secure Certificate

8x8 Click2Pop User Guide

Configuring an Client to Connect to CASS Mail Servers

Steps to Opening Your First Password-Protected Envelope

PISA 2015 MS Online School Questionnaire: User s Manual

Internet Encryption S/Mime Standard

Law School Computing Services User Memo

How do I Install and Configure MS Remote Desktop for the Haas Terminal Server on my Mac?

Macs are not directly compatible with Noetix.

My Online Education. Student Guide

Guide to Training Teachers on the Co-op Dashboard

Lync Online Deployment Guide. Version 1.0

Encryption. How do I send my encryption key?

Mac OS X. Staff members using NEIU issued laptops and computers on Active Directory can access NEIU resources that are available on the wired network.

Personalizing Your Individual Phone Line Setup

Installation Guide. Before We Begin: Please verify your practice management system is compatible with Dental Collect Enterprise.

Mozilla Thunderbird: Setup & Configuration Learning Guide

Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate (Personal eid) WISeKey 2010 / Alinghi 2010 Smartcards

Client Configuration Guide

NICCA User Guide for digitally signing Using Digital Signature Certificate (DSC) in Outlook Express

Quick Start Guide to Logging in to Online Banking

6. Is it mandatory to have the digital certificate issued from NICCA? Is it mandatory for the sender and receiver to have a NIC id?...

NeoMail Guide. Neotel (Pty) Ltd

Massey University Wireless Network Client Configuration Mac OS X

Secure FAQs for External Stakeholders

Law College Computer and Technology Information

Sending an Encrypted/Unencrypted Message. Let's Begin: Log In and Set Up Security Questions. Create Additional ProMailSource Accounts:

OPS Data Quick Start Guide

AT&T Voice DNA User Guide

MiraCosta College now offers two ways to access your student virtual desktop.

Using Outlook Web Access

SHC Client Remote Access User Guide for Citrix & F5 VPN Edge Client

Secure Part II Due Date: Sept 27 Points: 25 Points

Installing LearningBay Enterprise Part 2

U.S. Bank Secure Mail

Personal Online Banking:

Internet and Help. Table of Contents:

Overview of Registered Envelopes. Registered Envelope Notification Message

After you've enabled POP/IMAP access in i.mail, you need to configure your client to download i.mail messages.

Introduction...3. Creating an Apple ID...3. Setting Up Your ipad...4. Connecting to Genesis...4. Setting Up Your ipad...5. ipad Name Change...

Student ANGEL FAQs. General Issues: System Requirements:

IMAP and SMTP Setup in Clients

!"#$ Stonington Public Schools Parents Guide for InfoSnap Online Enrollment. for Returning. Students. August. Online Enrollment.

Secure A Guide for Users

How To Create A Digital Signature And Sign A Document With Adobe Reader XI

TRUST Online u s e r g u i d e v e r s i o n 8. 4 O c t o b e r

Shentel (Shentel.net)

isecur User Guide for iphone

How to use the Online Module Enrolment Application

INTRODUCTION TO & BASICS

Globalstar User Guide for Mac

Remedy ITSM Service Request Management Quick Start Guide

Update Instructions

Using Rackspace Webmail

Warwick The Switch Over to

College of Marin Accounts Fall marin.edu Access,

Mac OS VPN Set Up Guide

How To Use Touchtone.Com'S Digital Phone Service Web Portal User Guide (For Ip Phones) On A Pc Or Ip Phone (For A Cell Phone) On Pc Or Mac) On Your Ip Phone On A Mac Or Ip Cell Phone On

Using the Jive for ios App

MICROSOFT OFFICE 365 EXCHANGE ONLINE CLOUD

GCM for Android Setup Guide

Frequently Asked Questions Mindful Schools Online Courses. Logging In Navigation s & Forums Tracking My Work Files...

How To Configure Using Different Clients

1. What practices does Raleigh Medical Group, P.A. include? 2. Is my health information secure? Who has access to this information?

my.scouting Tools Training Dashboard Trained Exception Report YPT Aging Report Trained Leader Rpt Add Training Search Training View Training

Setting up an Apple ID

Transcription:

Securing Your Email Skip to Page 2 to Begin or Read this FYI Using Security Certificates: Background and FYI Securing email requires the use of a certificate in order to work. Once you sign up for a certificate it lasts one full year and it is easy to renew. Actually setting up the certificate is trivial. The initial registration takes about 10-20 minutes. Once you have the certificate you will probably never see it or care about it until it is time to renew next year. How it Works How it works is simple. You get a certificate from a trusted third party, much like you receive an ID card from the state. You can then use the certificate to prove you are who you say you are... or in this case, your email address is indeed being used by you and not some other person. When you send an email, you check off the digital signature button. This sends the certificate in the background to the recipient and their email client will read Sender Signed and store your certificate. Once both parties have sent each other a!signed" email, encryption is now possible. Remember, this is not specific to your email address alone... the METHOD you retrieve your email is equally important. Key limitation sacrificed where security is gained: The encrypted emails you send CANNOT be opened in a web browser. Encrypted emails can only be opened from within a Mail program. It can be Apple Mail, it can be Thunderbird (on the PC) but no more geckomail.ucdavis.edu or my.ucdavis.edu email for encrypted messages. This means if you forward your email to Yahoo, you cannot read your encrypted messages. However, this is not true for unencrypted emails. Unencrypted emails can still be read from the browser. Since gmail gives free POP3 (downloading of emails to mail programs), gmail will work with this while Yahoo charges for POP3 access. It is not recommended that you forward your email to another account. Note: the Apple Mail client is smart enough to not encrypt a message if the recipient doesn"t have a certificate. Meaning that even though your recipient does not have this setup, it is impossible to send an encrypted email to a person that he or she could not decrypt. This sounds like a lot but it"s not. It boils down to this: Once you have a certificate, and your recipient has a certificate and you have both corresponded with the Signed button checked, you are given the option to send an encrypted email. Once it is sent, it can only be decrypted by a program which can decrypt it. Web browsers cannot open encrypted emails. On to the steps... 1

Outline: Four Stages to Setup Encryption 1. Create an account on thawte.com 2. Request a certificate. You then wait 10-15 minutes for Thawte to generate it. 3. Download your certificate. The mac sets it up for you. 4. Email your common recipients so that everyone gets your certificate, and send encrypted emails! Stage 1. Create a user account on thawte.com This is a fairly straightforward process, though longer than most website registrations. You must use Safari for this whole process. Do not use Firefox! 1. In Safari, go to www.thawte.com It looks like this to the right: 2. Click on Products in the navigation bar. You get a nice blue menu. 3. Click on Free Personal E-mail Certificates 4. The next window looks like this, click Join in the top right area. 5. You next get an agreement page. Click Next to accept their terms and conditions. In summary: the agreement specifies what these certs do, that Thawte is a Certificate Authority not endorsed by the government officially, information is gathered based on trust and not shared, and they are not liable legally. 6. On the next page, enter your Last name, first, birthday and nationality. Then click Next. (Ignore Charset) 7. The next page is titled, Requesting ID Information. Enter your UC Davis email address. This will become your account username with Thawte. Then click next. 8. The next page is titled, Personal Preferences. Choose your preferred language (most likely English) and then under Charset Preference choose Use the default for my language. Click next. 9. On the next page entitled Password Setup you should create a password for your Thawte account that you will be able to remember a year from now. 2

10.Password Questions. On this page you need to select 5 questions and type in 5 answers. One word answers are the best. If you don"t like the questions, then create your own. The only rule is that there must be 5 questions. Click next. 11.On the next Confirmation page, make sure everything you have entered is correct, then click next. 12.IMPORTANT. You will be sent an email that will help you finish the enrollment with Thawte. You MUST complete this step the same day, or it will not be successful. 13.Click on the first link in the email. 14.Enter the Probe and Ping values by copying and pasting each into the webpage you just loaded. Click next. 15.You should get a confirmation page saying it was a success. Click next. 16.A login window will popup. Fill in your UC Davis email address into the Name field, and then enter the password you just created into the password field. Click Log In. You will now be able to request a certificate. On to Stage 2: Requesting a Certificate... 3

Stage 2. Requesting a Certificate Follow these steps to request your certificate be generated. 1. You should now be logged in, if so, go to step 2. If not, go to thawte.com and login using the same steps as Stage 1, numbers 1-3, then clicking Login instead of Join. 2. Click Certificates. Then Request a Certificate. Then request an X.509 Format Cert. 3. On the next page, make sure Mozilla Firefox is selected, then click request. 4. The next page is titled configure certificate name. For our purposes we will not have our names verified by a notary. No Employment Information Available should be selected, so click next. 5. You will now get a configure email addresses for certificate page. Your email address should be checked, then click next. 6. The next page is titled, configure extranet capabilities for certificate. Click Next. 7. On the next page configure X.509v3 cert extensions, accept the Default Extensions by clicking on the first Accept. Do NOT click on configure. 4

8. In generate certificate public key make sure 2048 (High Grade) is selected, then click next. 9.On the next page, click finish. 10.You will get an email confirming that your request for a certificate has been processed. It takes anywhere from 5-15 minutes for it to be generated by Thawte. You are done with stage 2. When you get a second email saying it is ready, go to Stage 3 of this guide. Important: Don!t close your browser windows at any time! On to Stage 3: Downloading Your Certificate... 5

Stage 3. Downloading and Installing Your Certificate Once you have requested a certificate, as you did in stage 2, it takes a few minutes before Thawte finishes generating it. 1. You should get an email from Thawte when your certificate is ready. It should look something like this: 2. Do NOT click on the link in the email. It won!t work! Instead, close the email. 3. Switch back to Safari, to the larger page you had open. On the left-hand side, click on the link that says view certificate status in red. 4. You should get a list saying one has been issued. Click on the word Navigator. 5. On the next page you will see a button in red that says Fetch. Click it. Safari will download your certificate. 6. When it is done downloading, Safari knows to add it to your keychain. 7. Quit the Keychain Access program by going to the Keychain Access menu, then click Quit. On to Stage 4: Signing Your Messages, and Encrypting Them... 6

Stage 4. Signing and Encrypting Email Messages You now have a certificate installed on your Mac. If you send email from this Mac, with your Mail program, you have the ability to send a signed email. Believe it or not, it is easy for someone to use your email address to send email, even without your password. With a certificate you are basically letting your recipient know you are indeed the owner of the email address you are sending from. If both ends of communication have a certificate from Thawte setup, and both have corresponded with a digitally-signed message already, one can then encrypt email between the two. Here"s how: 1. If your Mail program was open when you setup the certificate, Quit it, then reopen your Mail. When you relaunch if Mail asks for use of your keychain click Always Allow 2. The easiest way for everyone on staff to get a signed message is to email the staff listproc. Open a new email and email your staff listproc or other common addresses. 3.Make sure the seal has a checkmark in it. 4.The difference between checked and not checked is subtle. One is an X while the other is a Check. Make sure it is a check-mark. There are little to no reasons why you would want to send a non-signed message. (Note, this is a digital signature produced by the certificate. It is not the same as your signature line.) 5.Note how next to the badge symbol on its left there is a lock that is grayed out. What this tells you is that you cannot send an encrypted message to this recipient. Either this recipient doesn"t have a certificate, or they have never emailed you with a digital certificate. 7

6. Once you have made sure the badge has a check-mark in it, you can send an email saying you are just setting up your secure email. 7. Now let"s say we are all setup. If you are sending to a recipient who has their certificate setup, the option for a lock is given. Making sure the lock is locked will ensure the email is sent encrypted. 8.Again the difference between encrypted / unencrypted is subtle. The lock on the left is unencrypted. The lock on the right is encrypted. 9.When you receive a message and you want to know if it is encrypted, it shows up in the To section. 10.Whenever you send an encrypted message, it will stay on whatever setting you last did. So, pay attention to your lock when you are sending confidential messages, and make sure it is always locked. 11.If the lock is not available (that is, it is greyed out) then either your recipient has no certificate, or they have not yet sent a signed message. If you send to multiple recipients and even just one of them isn"t set up, encryption is disabled. This system only works if everyone is set up. Paying attention to the lock before you send is crucial. 8 Important: subject lines are NOT encrypted. That!s It. You can now send Encrypted Email Messages!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information