Unfortunately, this is not an option. In order to digitally sign or decrypt your messages, the private key (which is part of your digital ID) has to be installed on the PC you are using to access your webmail. Theoretically, this would be fine if you only accessed your webmail from your own PC. However, one of the main advantages of webmail is that you can access it from any Internet-connected PC. If you installed your digital ID on every public computer you used, you would soon find others using it to impersonate you. This would destroy the whole concept of a digital ID, as it is supposed to be "tied" to its owner. This is why current webmail programs, like Hotmail and Yahoo, are unable to handle digital certificates or encryption. So, for now you will have to use an e-mail program such as Outlook Express if you want to sign, encrypt and decrypt your e-mail. If you read your e-mail using a Web browser, it is likely to simply ignore the certificate and just show an smime.p7s attachment. The e-mail displays like any other e-mail but you won't know that it has been digitally signed.
You don't have to store your digital certificate and keys on your PC's hard drive. You can use a floppy disk or other removable media, such as a USB key or smart card. In the future, popular webmail services may be able to detect if your digital ID is stored on removable media and therefore allow it to be used. However, unless there is huge demand from the public for such a service, I doubt it will appear any time soon, even though it already exists for enterprise intranets and extranets. The latest version of Outlook Web Access supports S/MIME e-mail, for example. The user must either be using the PC that stores their digital certificate or activate the removable device on which it is stored to make the certificate available to the browser. For example, if you were using a smart card you would need to insert it into a reader and enter the Personal Identification Number (PIN) before the certificate could be used.
There are also mail applications for organizations that wish to exchange secure e-mail with external customers and partners who do not have certificates or S/MIME capabilities within their own e-mail applications, such as Entrust's Entelligence WebMail Center.
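The answer above notes that a browser-based reader may show only an smime.p7s attachment and give no sign that a message was signed. The following is an added example, not part of the original answer: it uses Python's standard `email` module to classify the S/MIME structure of a raw message so that signed or encrypted mail can be flagged for opening in an S/MIME-capable client. The function name, status labels and sample messages are constructed for illustration, and the code inspects structure only; it does not verify any signature.

```python
from email import message_from_string

SIG_TYPES = {"application/pkcs7-signature", "application/x-pkcs7-signature"}
ENV_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}

def smime_status(raw):
    """Classify the S/MIME structure of a raw message (hypothetical helper).
    Structure only: no signature is verified and nothing is decrypted."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":
        proto = (msg.get_param("protocol") or "").lower()
        parts = msg.get_payload()
        ok = (isinstance(parts, list) and len(parts) == 2
              and parts[1].get_content_type() in SIG_TYPES)
        return "clear-signed" if ok and proto in SIG_TYPES else "malformed-signed"
    if ctype in ENV_TYPES:
        kind = (msg.get_param("smime-type") or "").lower()
        return {"enveloped-data": "encrypted",
                "signed-data": "opaque-signed"}.get(kind, "pkcs7-mime-unknown")
    # A signature part outside multipart/signed (for instance re-wrapped in
    # multipart/mixed) can no longer be matched to the body it covered.
    if any(p.get_content_type() in SIG_TYPES for p in msg.walk()):
        return "orphaned-signature"
    return "unsigned"

# Constructed sample messages; the base64 bodies are placeholders.
SIGNED = """\
From: alice@example.com
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
 micalg=sha-256; boundary="b1"

--b1
Content-Type: text/plain

Hello Bob.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Disposition: attachment; filename="smime.p7s"

AAAA
--b1--
"""
ENCRYPTED = ('MIME-Version: 1.0\nContent-Type: application/pkcs7-mime; '
             'smime-type=enveloped-data; name="smime.p7m"\n\nAAAA\n')
PLAIN = "Subject: hi\nContent-Type: text/plain\n\nNo signature here.\n"

if __name__ == "__main__":
    for name, raw in [("signed", SIGNED), ("encrypted", ENCRYPTED), ("plain", PLAIN)]:
        print(name, "->", smime_status(raw))
```

A "clear-signed" result means only that the message claims to carry a detached signature; confirming who signed it still requires a client or tool that validates the signature and the certificate chain.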