W3C home > Mailing lists > Public > www-html@w3.org > August 1999

Re: Security Features in Outlook Express

From: Mr. X <bakody@jayapura.wasantara.net.id>
Date: Thu, 5 Aug 1999 15:53:19 +0900
Message-ID: <000001bedf12$304cd6a0$7f37fea9@eksosbud>
To: <www-html@w3.org>, "'Alex Blewitt'" <Alex.Blewitt@ioshq.com>, "Microsoft Outlook Express Team" <outlkxpr@microsoft.com>


  ( O   O )
  (    V    )
   (   =   )
    -----Original Message-----
    From: Microsoft Outlook Express Team <outlkxpr@microsoft.com>
    To: Mr. X <bakody@jayapura.wasantara.net.id>
    Date: 03 Agustus 1999 15:32
    Subject: Security Features in Outlook Express
    Overview | Security Zones | Digital IDs | Secure E-mail

     Security Features in Outlook Express 
    As the use of e-mail and electronic commerce becomes more widely adopted, the amount of confidential information being exchanged over the Internet is growing rapidly. As a result, there is a need to make e-mail messages more secure and private. In addition, with the growing popularity of ActiveX controls, scripts and Java applets, there is an increased chance that the HTML content you receive in an e-mail message could access or modify files on your computer without your knowledge or consent.

    Outlook Express includes tools to help protect you from fraud, help increase your electronic privacy, and help reduce the risk of unauthorized access to your computer. These tools enable you to send and receive secure e-mail more securely and to control potentially harmful e-mail messages through security zones.

    Security Zones
    Internet Explorer 4.0's security zones are like visas that some countries issue to travelers. If the country trusts you, it stamps your passport so you can travel anywhere you like during your visit. If for some reason the country doesn't completely trust you, it strictly limits where you can go and what you can do during your stay. 

    Security zones work the same way, except that you control how much access e-mail messages and web pages have to your computer. Security zones provide advanced protection for your computer and your privacy without interrupting you with repeated warnings. 

    Outlook Express enables you to choose which zone your incoming e-mail is in -- either the Internet zone or the Restricted Sites zone. Which zone you select depends on how concerned you are about active content (e.g. ActiveX controls, scripts and Java applets) weighed against the freedom to run that content on your computer. In addition, for each security zone, you can choose a High, Medium, Low or Custom security level setting. 

    To change your security zones settings for Outlook Express, click the Tools menu, click Options and then click the Security tab. (Note: Changing the settings for the Internet zone or Restricted Sites zone will also change this setting for Internet Explorer and vice versa.)

    Digital IDs
    To use secure e-mail in Outlook Express, you need a digital ID. Digital IDs (also called certificates) provide a means for proving your identity on the Internet, similar to the way a driver's license or other ID cards identify people on a daily basis. 

    Digital IDs allow you to sign your e-mail, so that the intended recipients can make sure that the message actually came from you and has not been tampered with. Also, a digital ID allows other people to send you encrypted messages. For more information, look up "trust status of a digital ID" in the Outlook Express Help Index.

        Getting a Digital ID
        You obtain your digital ID from a certifying authority, an organization responsible for issuing digital IDs and continuously verifying that digital IDs are still valid. You can then send your digital ID to anyone who might need to send you encrypted messages, and you can use the same digital ID for sending signed messages.


        VeriSign, Inc. is the first commercial certifying authority and Microsoft's preferred provider of digital IDs. Through a special offer from VeriSign, Microsoft Internet Explorer 4.0 users can obtain a free trial personal digital ID which you can use to positively identify yourself to friends, business associates, and online services when you send secure e-mail. To take the first step towards sending secure e-mail, get your digital ID now. 

        Using your Digital ID
        Before you can send signed mail, you must associate your digital ID with the e-mail account you want to use it with. To do this, click the Tools menu and click Accounts. Select the account you want to use your ID with, click Properties, and then click the Security tab. Check the box named Use a digital ID when sending secure messages, and then click Digital ID. Select the digital ID you want to associate with this account (only the digital IDs with the same e-mail address as the e-mail address for the account will be shown).

        Backing up your Digital ID
        Part of your digital ID is an irreplaceable private key that is stored on your computer. If the private key is lost, you will no longer be able to send signed mail or read encrypted mail with that digital ID. You are strongly encouraged to make a backup of your digital ID in case the files containing the digital ID are damaged or otherwise unreadable. To back up your digital ID, run Internet Explorer, click the View menu, and then click Internet Options. Click the Content tab and then click the Personal button. The Import and Export buttons on this page allow you to manage your digital IDs. 

    Secure E-mail
    Now that you have a digital ID, you can send secure e-mail. Secure e-mail in Outlook Express protects your Internet communications in two ways: through digital signatures and encryption. Using digital signatures, you can sign your e-mail message with a unique ID that assures the person receiving the message that you are the true sender of the message, and that it was not tampered with in transit. Encrypting e-mail that you send can help ensure that no one except the intended recipient can read the contents of the message while it is in transit. 

    Because Outlook Express uses the S/MIME standard, other people can read secure e-mail that you compose, using programs that support this technology. Likewise, you can read messages composed by other people by using e-mail programs that support S/MIME technology. Outlook Express has built-in secure e-mail and provides an easy-to-use interface for these features: 

        a.. Sending signed mail. Signed e-mail allows an e-mail recipient to verify your identity. To digitally sign an e-mail message, click the Tools menu, and then click Digitally Sign (or use the button on the message toolbar). To send signed mail, you must have a digital ID of your own (see above). 
        b.. Receiving signed mail. Signed e-mail from others allows you to verify the authenticity of a message -- that the message is from the supposed sender and the message has not been tampered with during transit. Signed e-mail messages are designated with special signed e-mail icons. Any problems (described in Outlook Express security warnings) with signed e-mail that you receive could indicate that the message has been tampered with or was not from the supposed sender. 
        c.. Sending encrypted mail. Encrypting an e-mail message prevents other people from reading it when it is in transit. To encrypt an e-mail message, you need the digital ID of the person you are sending the e-mail to. The digital ID must be part of the person's entry in the Address Book. To send encrypted mail, click the Tools menu, and then click Encrypt (or use the button on the message toolbar). 
        d.. Receiving encrypted mail. When you receive an encrypted e-mail message, you can be reasonably confident that the message has not been read by anyone else. Outlook Express automatically decrypts e-mail messages, provided that you have the correct digital ID installed on your computer. 
        e.. Sending your digital ID to others. For others to be able to send you encrypted mail, they need your digital ID. To send it to them, simply send them digitally signed e-mail (see above) and Outlook Express will automatically include your digital ID. 
        f.. Retrieving others' digital IDs. To send others encrypted mail, you need their digital ID. Outlook Express is the first e-mail program to allow you to retrieve digital IDs via directory services. To find a digital ID, click the Edit menu, and then click Find People. Select a directory service that has digital IDs (such as the VeriSign directory service), enter the recipient's name or e-mail address in the appropriate search field, and then click Find. Select a listing from the results pane and then click Add to Address Book. (Another way to get someone else's digital ID is to have that person send you signed mail. To add the digital ID from a piece of signed mail to your Address Book, click the File menu and click Properties. Click on the Security tab and click the Add Digital ID to Address Book button.) 
        g.. Changing trust status on digital IDs. When you add someone's digital ID to your address book, it has a trust status associated with it which indicates whether you trust the individual, group, or corporation to whom the digital ID was issued. If a digital ID owner warns you that he or she suspects that the digital ID's private key has been compromised, you may want to change the trust status to "Explicitly Distrust." For more information, look up "trust status of a digital ID" in the Outlook Express Help Index. 
Received on Thursday, 5 August 1999 03:05:03 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:05:51 UTC