Information Technology Reference
In-Depth Information
is that ordinary people, in ordinary situations, may from time to time feel that the level of
security they get from ordinary, unencrypted email isn't adequate.
That should give you an idea of why encryption may be important, but what about digital
signatures? Signing a message (which can be done with or without encryption) enables the
recipient to confirm that the message originated from the person whose email address is on
it, and that the message wasn't altered during transit. Given the huge volume of spam we all
receive and the increasing incidence of fraudulent email, it's common to get messages with a
forged From address. Using digital signatures can solve this problem. It lets recipients know
that the person who
appeared
to send the message really did send it, and that no hacker has
surreptitiously inserted ads or malware, or changed the meaning of a legitimate message.
In an ideal world, every email message would be signed and encrypted. Doing so would elim-
inate a great deal of fraud, spam, identity theft, and other societal ills. Unfortunately, the
world is not ideal. It's not practical to sign and encrypt everything, because some email cli-
ents (and most webmail systems, including Gmail) don't support encryption, and even cli-
ents that do often require either special software or complicated setup steps for both sender
and recipient. However, if and when the need arises, you'll be happy to know that Mail has
signing and encryption capabilities, and you can use them with only a modest amount of con-
figuration.
