Web of Trust Information
and e-mail security

Overview Getting Secure Thawte Notary Service Using your Certificate

Getting Secure

The first step is getting your free personal e-mail certificate.
When you sign up to get this certificate, you will need to provide Thawte an ID number that can be shown to 'notaries' that will help you become trusted. This will most likely be your driver's license number.
We'll discuss 'notaries' later, but basically a notary is someone that Thawte trusts to physically look at your identification in a face-to-face meeting and vouch for you. This is the basis of the credibility of this certificate. You must meet with at least 2 notaries to become 'trusted'. When you sign up to get a certificate, you will gain access to the directory of Thawte notaries world-wide.

In the meantime, while you're not officially trusted, you will have a certificate that includes your e-mail address, but not your name. Although not fully trusted, it's much better than a truly anonymous message.

It is probably not unusual for people to use certificates for quite some time that don't include their name. This is not the best usage, but it's not really a problem.

Known issues

Unfortunately, not all e-mail clients will handle these certificates. The technology that we're dealing with here is called S/MIME. MIME is the standard e-mail 'language', S/MIME is MIME with security added on to it. You might want to check with your e-mail client vendor* to check if it's S/MIME compliant. Most modern clients are with a couple of notable exceptions: AOL and web-based e-mail. Why is AOL still non-compliant? Great question. Why are web-based e-mail systems not compliant? Well, the short answer is that web-based e-mail is not really MIME.

*E-mail client vendors
If you're using Outlook or Outlook Express, then the vendor is Microsoft. If you're using a fairly recent version, you're probably okay - with a few caveats. Outlook and Outlook Express send signed message in a funny way. This results in some other clients not being able to decode it properly. If you're using Outlook or Outlook Express, send your recipients a test message before you assume that they will be able to read your message.

If you're using Mozilla's Thunderbird - you're probably golden! You should have no trouble sending or receiving signed messages.

If you're using AOL, you almost certainly will not be able to deal with S/MIME. You might send an e-mail message to support and asked if they've updated to the 1990s yet. (If you find that they have added support for S/MIME, please send me a message and I'll correct this page.

Netscape - it depends. Send a test message to your friends and see how it goes.

Qualcomm's Eudora. Recent versions should be fine.

Previous Page Next Page