Our organization has Outlook 2003, Exchange 2007 and Active Directory 2003. We wanted to introduce a digital signature option in Outlook 2003, but what are the security pros and cons of implementing digital signatures?
Digital signature implementation is used to validate not only that content has been generated by a specific individual's account, but also that the actual owner of the account was the one who generated the content; like when you sign a check or a legal document, your signature is used for verification that only you initiated the transaction. This provides the benefit of ensuring the content was created by a trusted source and was not modified in any way; the actual content is used to generate a value in the digital signature algorithm that signs the content, so if anything is added or deleted after the content is signed, the digital signature check value will return an error.
Implementing digital signatures requires one of two different types of certificates to sign the content: self-issued certificates or certificates received from a formal certification authority. The pros and cons of this have to do with trust. If you're going to use digital signatures solely within your organization, you can create your own. But, like creating your own license plates and driving off your property, self-signed certificates won't be recognized as coming from an authoritative source by outside parties. This breaks the content trust between your organization and theirs.
Thus, if you want certificates for verification with outside parties, you'll want to go through a formal certification authority for multiorganizational digital signature trust. The downside is that you'll have to pay for any certificates they generate for you -- generally on a certificate-per-user basis.
From a usage perspective, a general problem with using digital signatures is awareness training for your users. It's necessary to have a program in place to educate users about when it's appropriate to use a digital signature for validating their content, when they should look for a digital signature to validate content they receive, how to get a digital signature for their own use, and, of course, administrator training on how to issue and revoke digital signature certificates.
Finally there's the case of backup and storage of digital signature certificates. Once the certificate is loaded into the user's profile, it must be marked never to back up this field, unlike content encryption certificates, which should be backed up in case you have to decrypt files many years from now. Because digital signatures provide non-repudiation -- the person in possession of the certificate is the only one who has access to it -- digital signature certificates must never be backed up. If they are backed up, the assumption is that others could have used it to sign content by accessing the certificate from the backup, thus breaking the non-repudiation factor, and destroying the value of the digital signature certificate.
- Can any organization get a digital signature certificate? Read more>
- Learn more about private and public keys that can create a digital signature.
Dig Deeper on PKI and digital certificates
Related Q&A from Randall Gamby
Learn how to create account lockout policies that detail how many unsuccessful login attempts are allowed before a password lockout in order to ... Continue Reading
When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise ... Continue Reading
Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses. Continue Reading