X.509 certificates...
via fbartho: http://www.oreillynet.com/pub/a/mac/2003/01/20/mail.html?page=1
It covers mail encryption and/or digital signing.
The link is actually a bit out of date though, but the process is pretty painless. Just head over here:
https://www.thawte.com/secure-email/personal-email-certificates/index.html
And then click on "Join".
You'll go through a process of e-mail verification, then information gathering (not that much personal stuff, but you'll need to give them 5 questions for later verification, should you lose/forget your password). Note that they don't gather a phone number, so you _should_ go back and add that in afterwards, so they can call you for lost-password retrieval.
Once that's complete, request a certificate, and if you're running in Safari and using Mail, it's very easy. As soon as your certificate is ready, they'll send you an e-mail. Click the "Fetch" button, and it'll download (an .exe file, yes, I know. Just click "Download"). Keychain Access will pop open. Select "Keys", and you should see a "Key from www.thawte.com". Double-click on the private key, and select the "Access Control" tab, then change it to "Confirm before allowing access" and check the "Ask for Keychain password". This way, if you lose control of your computer, people can't just sign e-mails with your key, without your keychain password. Which... should be ok, unless people get control of your keychain password.
Eh, well, so the last bit is actually up to you. Once it downloads, you're all set to send e-mails.
Mail me. :) I'm at ben.juang //at// comcast.net.
It covers mail encryption and/or digital signing.
The link is actually a bit out of date though, but the process is pretty painless. Just head over here:
https://www.thawte.com/secure-email/personal-email-certificates/index.html
And then click on "Join".
You'll go through a process of e-mail verification, then information gathering (not that much personal stuff, but you'll need to give them 5 questions for later verification, should you lose/forget your password). Note that they don't gather a phone number, so you _should_ go back and add that in afterwards, so they can call you for lost-password retrieval.
Once that's complete, request a certificate, and if you're running in Safari and using Mail, it's very easy. As soon as your certificate is ready, they'll send you an e-mail. Click the "Fetch" button, and it'll download (an .exe file, yes, I know. Just click "Download"). Keychain Access will pop open. Select "Keys", and you should see a "Key from www.thawte.com". Double-click on the private key, and select the "Access Control" tab, then change it to "Confirm before allowing access" and check the "Ask for Keychain password". This way, if you lose control of your computer, people can't just sign e-mails with your key, without your keychain password. Which... should be ok, unless people get control of your keychain password.
Eh, well, so the last bit is actually up to you. Once it downloads, you're all set to send e-mails.
Mail me. :) I'm at ben.juang //at// comcast.net.