Digital signed mail- certificate issuing

David Southwell david at
Wed Apr 25 20:30:27 UTC 2007

On Wednesday 25 April 2007 13:19:36 Jeffrey Goldberg wrote:
> On Apr 25, 2007, at 11:10 AM, David Southwell wrote:
> > Can anyone please tell me the simplest way I can issue my customers
> > a means of
> > digitally signing emails they transmit to us via our server. I need
> > the
> > chosen method to be compatible with most popular email clients and
> > popular
> > webmail services.
> As someone said, PGP and S/MIME are really the two choices.  Neither
> will be simple enough to go smoothly with all of your users,
> particular your webmail users.  Both involve understanding some
> apparently tricky concepts, although your users (but not you) can be
> spared from many of them.  Particularly if you wish to issue
> certificates (either client certificates or a self-signed server
> certificate) you need to develop a good understanding of how things
> are supposed to work.
> > Every customer has their identity and email addresses stored on our
> > mysql
> > database.
> >
> > Essentially my target is , as far as possible, to ensure that emails
> > purporting to come from my customers are indeed from them and noone
> > else.
> Do you need to know that it really is from such and such person, or
> can you get by with knowing that it really is from such and such
> email address?  If the latter will be enough, then you can use the
> same sort of confirmation mechanism that is used by mailing list
> management systems.  Simply require a response sent to a confirmation
> request sent to the email address you are trying to authenticate.
> Also, why does this have to be an email based system instead of a web
> based one?  
We need to cater for communications from ships at sea that are able to use  
slow wireless email systems but are not able to access the web.


> For the latter users can authenticate with a simple 
> username and password.
> -j

More information about the freebsd-questions mailing list