• February 2011
    M T W T F S S
     123456
    78910111213
    14151617181920
    21222324252627
    28  

  • Latest Posts

  • Latest Comments

  • Archives

Getting a Digital ID for Outlook 2010

From time to time I need to send documents securely. While I’ve tried some other means in the past, one way is to use the Digital IDs in Outook. Since the certificate is for one year I have to run through this… once a year. That’s plenty of time for me to forget what I did last time, so this time I plan to document what I did…

Steps to get to the Digital ID information in Outlook 2010:

Got to File –> Options:

image

Select the Trust Center:

image

Then choose Trust Center Settings:

image

Then select the E-mail Security tab on the left, and press the “Get a Digital ID…” button:

image

Since I used Verisign the last time I did this, I chose that link on the right hand side of the page that was displayed in my web browser after hitting the “Get a Digital ID…” button:

image

That took me to the Symantec VeriSign Authentication Services page titled, “Digital IDs for Secure Email”.

I then followed the instructions on that site… The steps were:

  1. It asks for information including your credit card information.
  2. Send you and e-mail.
  3. Follow the link in the e-mail and paste in (don’t try to type) your “Digital ID PIN number”…
  4. Install (hopefully) on your machine.

I had trouble installing on one machine… Both machines were Windows 7 x64 with IE 8, but I got an error on the second machine.

Encrypting Requires Digital Signatures (certificates) from Both Parties

Signing is mildly useful, but the primary reason I get the digital ID is to encrypt messages. The requires that both parties have a digital ID. Here’s the dance I went through. In this scenario, to get things working, both I and my wife followed the procedures above and got Digital IDs.

I signed a message and sent it to my wife:

image

Once my wife got it, she opened the e-mail, right clicked on my e-mail address and selected, “Add to Outlook Contacts”. This added me to the Outlook contacts, and since my message was signed, it added my certificate as well. Now she did the same thing, sent me a signed message. If I try to send an encrypted message before adding her to my Outlook Contacts, I get a message like this:

image

“Microsoft Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities:”

If I right-click and Add to Outlook Contacts, then sending works just fine… And on the other end, she can read my messages.

So how did I get it to work when the Install didn’t work?

So I mentioned that I had an issue when the Install feature of VeriSign did not work. I spent about 30 minutes trying to troubleshoot it with no luck. I always got an error at the bottom of the page.

So… I downloaded the certificate to my machine, went to the File, Options, Trust Center, Trust Center Options…, E-mail Security, Import/Export… (under the Digital IDs (Certificates)) section… I exported it from the machine that worked, then went into Outlook on the other machine and imported it. That was my workaround.

Summary

Signing is ok, but Encrypting is more valuable to me.

For us to Encrypt, both parties must have a Digital ID and have shared their public keys via signing and adding the user (from a signed message) to the Outlook Contacts.

All in all, it does not seem that this is catching on. Very few users I know have digital signatures and people seem quite satisfied to send documents with their social security numbers as attachments to plain e-mail messages. I’m not that trusting. I wish that many more people used the digital signatures.

This entry was posted on Saturday, February 12th, 2011 at 17:35 and is filed under Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment