Outlook supports digital IDs from Geotrust and Verisign,
but I would like to find something that will let our students
participate in using the digital signatures without having to
pay for one and with the adjunct faculty we hire on a per
semester basis, the benefit of using digital signatures would
be overcome by the cost.
MIT provides a free version of the commercially licensed PGP for Win32
[http://www.pgp.com]. I have tried the MIT PGP 6.5 distribution (which
includes a plug-in for Outlook) [http://web.mit.edu/network/pgp.html] but it
did not work properly unless the login account on the Windows box is a
member of the Administrators group.
I also tried the GNU Privacy Guard (GPG) plug-in for Outlook
[http://www3.gdata.de/gpg/download.html] which depends on GPG for Win32
[http://www.gnupg.org/(en)/download/index.html]. This plug-in simply didn't
work for me at all and the user interface was broken, perhaps also not
designed to run as a non-admin.
On the other hand S/MIME support is built right in to Outlook and most other
email clients. The problem is the cost of having a trusted certificate
authority generate keys for the client. I have found Thawte Freemail "web of
trust" to be a good solution. Perhaps it will work for your situation.
Thawte will issue S/MIME certificates free-of-charge. Basic certificates are
free and only certify the email address. There is a web-based personal
certificate manager for revoking and issuing new certificates.
There is also a mechanism for acquiring an account that identifies a real
identity instead of just an email address, but it requires that an applicant
be certified by other previously certified account holders in his/her
location. Hence, "web of trust". In practice, this is a lot of rigmarole and
I wonder how useful for most applications.
[http://www.thawte.com/wot/]
Brian A. Reiter
WolfeReiter, LLC [http://www.wolfereiter.com]
smime.p7s
Description: S/MIME cryptographic signature
