Email security - put my money where my mouth is
The first "Internet" application I ever used was
email, circa 1983. Seeing computers used to
communicate (and not just solve scientific
equations) was an epiphany to me. But, I was
shattered to later learn that email isn't secure. In
fact, it is about as far from secure as anything we
know in the electronic world.
So, for about the past 2 years, I've been slowly -- but increasingly loudly -- advocating secure email. I've been a PGP user since it was introduced to the public in 1992, and more recently, I've been an S/MIME user. I started digitally signing all of my outgoing emails as of about 2 years back. It was an experiment, and one that hasn't entirely succeeded, I should add.
Then, about a year or so ago, I learned about Thawte's free email certificate program. They use a certificate signing mechanism not entirely unlike PGP's web of trust. When you get a free (!) Thawte email certificate, you start by only being able to include your email address in the certificate. Then, you get your identity verified by Thawte notaries, who are community volunteers who help the effort. Once you've gotten sufficient (50) points, you can include your real name in your (still free) email certificates.
This seemed like an interesting and novel approach to me, so I went ahead and took the plunge. In the last couple months, I've gotten not just the 50 points I needed to have my real name in my certificate, but the 100 points needed to become a Thawte notary. I decided to put my money where my mouth is and be part of a solution and not just whine about all the problems.
In order to notarize a Thawte certificate, the notary must meet the certificate holder in person and verify her identity via two forms of national identification (e.g., passport and driver's license).
I am now a Thawte notary. If any of you are interested in this free (!) and useful service, start by going out to the Thawte web site and getting yourself a freemail certificate. Most modern emailers and browsers can handle X.509 certificates just fine. Follow Thawte's instructions (admittedly, their web site isn't entirely intuitive) and start using your certificate. Then, go out and find a couple notaries in your area, again via the Thawte web site. It only takes a few notarizations and then you'll be up and running with a free X.509 certificate.
I'm happy to notarize any of you who want to make use of this -- after following the proper procedure, of course.
Big deal, eh? Well, the big deal is that now you can send email that your recipients can validate with a high degree of confidence came from you. Believe it or not, that is a big deal. If you want to be able to trust the email you receive, then this little bit of infrastructure is essential.
Cheers,
Ken
So, for about the past 2 years, I've been slowly -- but increasingly loudly -- advocating secure email. I've been a PGP user since it was introduced to the public in 1992, and more recently, I've been an S/MIME user. I started digitally signing all of my outgoing emails as of about 2 years back. It was an experiment, and one that hasn't entirely succeeded, I should add.
Then, about a year or so ago, I learned about Thawte's free email certificate program. They use a certificate signing mechanism not entirely unlike PGP's web of trust. When you get a free (!) Thawte email certificate, you start by only being able to include your email address in the certificate. Then, you get your identity verified by Thawte notaries, who are community volunteers who help the effort. Once you've gotten sufficient (50) points, you can include your real name in your (still free) email certificates.
This seemed like an interesting and novel approach to me, so I went ahead and took the plunge. In the last couple months, I've gotten not just the 50 points I needed to have my real name in my certificate, but the 100 points needed to become a Thawte notary. I decided to put my money where my mouth is and be part of a solution and not just whine about all the problems.
In order to notarize a Thawte certificate, the notary must meet the certificate holder in person and verify her identity via two forms of national identification (e.g., passport and driver's license).
I am now a Thawte notary. If any of you are interested in this free (!) and useful service, start by going out to the Thawte web site and getting yourself a freemail certificate. Most modern emailers and browsers can handle X.509 certificates just fine. Follow Thawte's instructions (admittedly, their web site isn't entirely intuitive) and start using your certificate. Then, go out and find a couple notaries in your area, again via the Thawte web site. It only takes a few notarizations and then you'll be up and running with a free X.509 certificate.
I'm happy to notarize any of you who want to make use of this -- after following the proper procedure, of course.
Big deal, eh? Well, the big deal is that now you can send email that your recipients can validate with a high degree of confidence came from you. Believe it or not, that is a big deal. If you want to be able to trust the email you receive, then this little bit of infrastructure is essential.
Cheers,
Ken
|