Skip to content

successfully integrated digital certificate to enable digital signature and/or encrypted email – thank you Comodo!

November 29, 2012

My emails will henceforth be sent with a digital signature – thanks to Comodo being able to provide me with a free digital certificate and decent info on how to incorporate it into Thunderbird.

I doubt I’ll encrypt emails as of now… since that would require explaining to whomever ‘how to decrypt’…. which is actually simple, but then again not so simple to the uninitiated. So, for now, this is a step in the right direction – providing message integrity, authenticity, and non-repudiation.

Without encryption, however, there is no confidentiality… and sadly this is what is really needed MOST. Especially when  I want to communicate personal information to/from family members, etc.  But I fear that it’s not realistic at the moment.

I do think that you cannot ‘blame’ the uninitiated – in fact I think that the answer when it come to email must come in the form of a simpler solution that doesn’t have a steep learning curve.

Email is a nightmare in terms of security – it’s just beginning to dawn on the general public I think. The pubic is very, very slowly learning that email SHOULD be more secure – but making that palatable is just not realistic using the tools available today.

As vital and crucial as it is – I don’t really see anything being offered that is easy to use. You’ve got to be kidding if you think people are going to use (en masse) the method I just implemented for my own use. Or PGP or GPG? Yeah… right.

It took me an entire semester of learning the basics of cybersecurity to even have my eyes opened to the possibility, and to have the basic skill set to know how to make it happen. That’s way beyond what is acceptable or likely in terms of general adoption of such a vital improvement to email.

One video I watched said that over 2 MILLION emails are sent PER SECOND! 99.999% of those (I’m going to assume here so watch out! ) have absolutely nothing secure about them at all. They may be stored securely but from what LITTLE I know it is ‘data in transmission’ that is at its most vulnerable to interception – which means unencrypted emails (read PLAINTEXT) are just out there for the grabbing.

I could be wrong about my assumptions because I am a beginner in this cybersecurity field – but it’s my understanding at the moment. At least digitally signing messages puts me on the right path.

You would need to look up what a Digital Signature is… it’s NOT what you might assume from the two words ‘digital signature.’ It’s an aspect of cryptology. It’s just that it’s not enough.

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: