Forum

S/MIME (Secure/Multipurpose Internet Mail Extensions)

S/MIME (Secure/Multipurpose Internet Mail Extensions)  

  By: Veselovský on Sept. 15, 2013, 12:52 p.m.

Do you have some experiences in using S/MIME to sign and encrypt emails?
How can it be secure when you have to ask for a certificate from some certificate authority and there is no choice of some secret password (known only to you) on your side, i.e. it is a certificate authority that "choose" secret key for you. That means that this authority knows your "secret" key.

Then what is the purpose of all of this when the authority itself can read your encrypted emails?

Am I missing something?

Re: S/MIME (Secure/Multipurpose Internet Mail Extensions)  

  By: wackerao on Sept. 16, 2013, 2:58 a.m.

Hi,

the private key is generated locally in your browser. Only the public key is sent to the CA, which in turn signs it.

However, you are correct with one thing: this process, i.e. creating the private key locally, is not as transparent to the user as it should be. You usually go to a website (e.g. StartSSL/Comodo) and then you create a key pair. For you it seems, that everything is done on the server, however in reality your browser creates the private key - which never leaves your PC.

Hope this clarifies your issue.

Cheers,
Arno

Re: S/MIME (Secure/Multipurpose Internet Mail Extensions)  

  By: Veselovský on Sept. 16, 2013, 12:11 p.m.

For you it seems, that everything is done on the server, however in reality your browser creates the private key

Yes, I used Comodo website and this was exactly how it seemed to me :-D …I also agree with your comment about the transparency

Now it makes more sense… thank you for your response


Currently 19 guests and 0 members are online.
Powered by the CrypTool project
Contact | Privacy | Imprint
© 2009-2024 MysteryTwister team