Digital signed mail- certificate issuing
david at vizion2000.net
Wed Apr 25 20:30:27 UTC 2007
On Wednesday 25 April 2007 13:19:36 Jeffrey Goldberg wrote:
> On Apr 25, 2007, at 11:10 AM, David Southwell wrote:
> > Can anyone please tell me the simplest way I can issue my customers
> > a means of
> > digitally signing emails they transmit to us via our server. I need
> > the
> > chosen method to be compatible with most popular email clients and
> > popular
> > webmail services.
> As someone said, PGP and S/MIME are really the two choices. Neither
> will be simple enough to go smoothly with all of your users,
> particular your webmail users. Both involve understanding some
> apparently tricky concepts, although your users (but not you) can be
> spared from many of them. Particularly if you wish to issue
> certificates (either client certificates or a self-signed server
> certificate) you need to develop a good understanding of how things
> are supposed to work.
> > Every customer has their identity and email addresses stored on our
> > mysql
> > database.
> > Essentially my target is , as far as possible, to ensure that emails
> > purporting to come from my customers are indeed from them and noone
> > else.
> Do you need to know that it really is from such and such person, or
> can you get by with knowing that it really is from such and such
> email address? If the latter will be enough, then you can use the
> same sort of confirmation mechanism that is used by mailing list
> management systems. Simply require a response sent to a confirmation
> request sent to the email address you are trying to authenticate.
> Also, why does this have to be an email based system instead of a web
> based one?
We need to cater for communications from ships at sea that are able to use
slow wireless email systems but are not able to access the web.
> For the latter users can authenticate with a simple
> username and password.
More information about the freebsd-questions