Information Technology Reference
In-Depth Information
you a signed (but not encrypted) message. When you receive it, Mail adds the person's certi-
ficate to your keychain.
That done, follow these steps:
1. Compose and address a new message as you normally would.
2. Select the encryption
button; when it's selected, the padlock icon changes to
a closed state
.
The encryption button is usable only when an address field (To, Cc, or Bcc) con-
tains an email address for which there's a matching certificate in your keychain.
If you know you have a person's certificate but the button isn't enabled, open
Keychain Access, double-click the person's name in the Certificate list to see that
you're using the same email address that the certificate was issued under (since
a person can have more than one email address), and that the certificate hasn't
expired. If either of these problems exists, ask the person to send you a new,
signed message from the proper email address, or send the message to the listed
address.
3. Optional, but
highly
recommended: also sign the message by clicking the digital
signature
button, changing it to the selected
state.
4. Click Send.
If this is the first time you've used your certificate to sign or encrypt a message,
you're prompted to confirm that Mail may use the certificate in your keychain.
Click Allow or (my recommendation) Always Allow to grant Mail access to the
certificate.
Mail sends the encrypted (and optionally signed) message—that's all there is to it. (Read on
to find out what happens on the other end.)
A few words of caution, however: Although encrypting a message guarantees that it's
scrambled all the way from your computer to the recipient's, once it has been downloaded
and decrypted on the other end, your message could potentially be read by anyone with ac-
cess to that computer. So, the safe use of encryption requires both parties to take appropriate
measures to protect the decrypted text.
Read Signed or Encrypted Mail
Each email client has its own way of handling incoming signed or encrypted messages—and
a few can't handle them at all. Although I can't explain what the experience is like for every
client, I want to describe how Mail works with such messages.
