Use these instructions to use secure email and get a digital signature (digital certificate) on your current email address. You don't have to pay for a digital certificate; get encrypted email free.  

Why?

Why would you want to use secure email?
Privacy, Proof, and Convenience.

Secure email gives you privacy. Email is sent in plain text and anyone in your company's IT department or at millions of convenient places throughout the Internet can read your email at will. Sooner or later, you will wish to send something using email that needs to be safe. It could be a critique of your boss, credit card information, a secret love letter, or the amount of your last paycheck. In any case, you don't want the information shared with anyone but your intended recipient.

Secure email gives you proof. Ask anyone that has ever played games with their email account settings in Outlook or talked directly to their mail server using telnet, they will all admit that is unbelievably easy to send an email that pretends to be from someone else. Consider the chaos that would ensue if you faked an email from a co-worker to his boss accusing the man of having a torrid affair with his secretary and promising to tell his wife. (It might even be worse if it turned out to be true. *ouch*) When you send email that is digitally signed, there is no doubt that you created and sent the email. Anyone pretending to be you won't be able to duplicate it.

Secure email is convenient. Ok, I'm full of it. It should be convenient, but it won't be for a few more years. Under U.S. and many International Laws, digitally signed documents are just as valid as documents with a real signature. This means that instead of making a special trip down to the insurance office to sign documents, they should be able to email the documents to you and you should be able to send back a digitally signed "I Agree" email that is just as binding as a physical signature. Unfortunately, if your insurance agent is as behind the times as mine, they just go quiet on the other end of the phone, then say "...if you will just come by the office..." I'm sure this will improve with time, but for now you will just have to come by the office...

Why does Thawte give away free digital certificates?

I think it started out as a marketing stunt. You see, Thawte is in the business of selling inexpensive digital certificates to web sites so that they can use SSL (secure socket layer) for doing cash and credit card transactions online. If you use their free personal certificates and your company goes looking to buy a SSL certificate for your web server, you are very likely to say "I know where to get a good deal..." If I ever get a chance to speak with Mark Shuttleworth, the famous space tourist that originally founded Thawte, I will be sure to ask him. :)

Secure Email for Dummies

In order to Receive encrypted email or Send digitally signed email, you must have a digital certificate. Re-read that. If you get a digital certificate for your email, you cannot send your friend encrypted email, but they can send you encrypted email. This is exactly backward from how any sane human expects it to work. Luckily, certificates are free. It shouldn't take too much talking to get your friend over here so you can both get certificates and solve any confusion. You can send digitally signed email without any help from your friends at all.

Why is it backwards? It's not. No, really, it works just the way some insane mathematician designed it. Allow me to explain...no...allow me to sum-up. (If you don't want to know, skip this paragraph and the next.) There is this really cool thing call public key cryptography. The long-standing problem with secret messages was always getting the secret password (key) to the other end without it being discovered. The way this problem was solved was by some disturbingly simple-looking math that broke the secret key into a public, encoding part and a private, decoding part. You could give the public, encoding part to all your friends and enemies and anytime someone wanted to send you a secret message, they use that public key that everyone knows to encrypt it. Here's the cool part, only your secret, private key (that you never shared with anyone at all) will allow the message to be decrypted and read. Thus, a digital certificate allows you to get, but not send, encrypted email. This neatly solves the "get the secret password to the other end" problem because it no longer has to be secret. Secure two-way communication is achieved by both ends having certificates and giving everyone their public key. Now anyone, anywhere can send a secret message to either of these two people. The two people have that same ability and, of course, can now send secret messages to each other; they just use each other's public key.

What about digital signatures then? Remember when I said you used the public key to encrypt secret messages and the private key to decrypt and read them? You can also encrypt a message with your private key and anyone with your public key can decrypt it. Think of it! You can create a secret message that only everyone can read! ...ummm...doesn't sound too bright, does it? There is a really cool side-effect of this silly procedure. Because only a message that you made would have been encrypted with your private key, anyone who can decrypt it with your public key knows that you must have really been the sender. Ah-Ha! Proof! Just to make sure someone that receives a digitally signed message can read it, your public key is sent along to keep it company. How do you know that the public key that came with the message is really related to the true sender and not just made up? Thawte includes their own signature in your certificate to back up your claim. This is why you get a digital certificate from a recognized certificate authority instead of just creating your own. Your computer will have Thawte and Verisign keys to double check.

As you already know, you only need a digital certificate to receive encrypted email. While technically true, that is not an ideal combination. Here is the problem: When someone sends you an encrypted message, you don't have any way of verifying that the sender is really who they say they are. If the sender also has a digital certificate, you now know that the correct person sent the message. Microsoft decided it was entirely too complicated to explain such things to normal humans and elected to only allow you to send encrypted email if both ends have a certificate. Thus, with the Outlook family of products, both ends must have a digital certificate. You can still send digitally signed messages with just your own certificate.

How do you give someone your public key so that you can receive encrypted email? Send them a signed email first and their computer will remember the public key and be able to send you encrypted email afterward.

Now that your brain is either humming or hiding, it is time to get your digital certificate. Click Enroll Now to start.