abstract
Before sending a digitally signed email, you must obtain a digital ID (also known as a digital certificate). For the method of obtaining digital ID card, please refer to applying for digital certificate.
The so-called digital identity refers to a certificate issued by an independent authority to prove your identity on the Internet. It is your ID card on the Internet, and it is a certificate that users must have when using the certificate mechanism to ensure the safety of sending and receiving emails.
E-mail digital signature and encryption follow S/MIME protocol. S/MIME, the full name of which is "Secure/Multipurpose Internet Mail Extension", is a technology that encapsulates security services in MIME through multi-component media types defined in RFCl847. It provides authentication, letter integrity, digital signature and encryption.
Digital identification includes "private key" and "public key". The private key is confidential, which is held by the certificate applicant alone and needs to be properly kept. Once the private key is leaked, the certificate should be cancelled as soon as possible to avoid being fraudulently used by others; The public key is public, you can send it to others, and others can get it from the certificate authority.
symbol
After applying for a digital certificate, you can use the private key of the certificate to send a digitally signed email to any email address. With a digital signature, the recipient can verify your identity and confirm that the email was sent by you and has not been tampered with. So as to prevent others from using your identity to send emails, or tampering with emails in the middle.
encrypt
To send an encrypted email to the recipient, and the other party can decrypt it correctly, the recipient's public key must be obtained first. When sending a message, encrypt the message with the public key. When the recipient receives the encrypted mail, he can use the corresponding private key to decrypt the mail and read it. Even if someone steals the mail, they can't read it because they don't have the corresponding private key.
By using digital signatures, you can confirm the following two points:
The 1. information was sent by the signer.
2. The information has not been modified during transmission.
In this way, digital signature can be used to prevent sending information in the name of others; Or send a letter and deny it.
Send digitally signed or encrypted messages.
A digitally signed e-mail allows the recipient of the e-mail to verify your identity, while an encrypted e-mail prevents others from reading it when it is sent. When sending an email, you can only sign it, encrypt it, or sign and encrypt it at the same time.
Send signed mail
To add a digital signature to a message, click the Digital Signature menu item in the Tools menu of the Message Writing window, or click the Signature button in the toolbar.
To use an account to send digitally signed e-mail, you must first apply for a digital certificate for the e-mail address of the account, otherwise, users will be prompted to apply for a digital certificate when sending e-mail.
In the account properties, you can set a certificate for the account. When sending digitally signed e-mail, the certificate will be used for signing. If it is not set, the "Certificate Selection" dialog box will pop up, prompting the user to select a certificate as the certificate of the account.