Appendix A. Sending Secure Email
As we rely more and more on email to provide essential business communications, protecting the privacy and authenticity of email becomes more and more crucial. Most modern email software applications provide the means to secure your email and provide recipients with proof of the email’s validity; Windows Server 2003 provides the public key infrastructure (PKI) necessary to issue the cryptographic keys that make secure email possible.
What Is Secure Email?
Secure email takes one of two forms, each designed for a specific purpose:
- Digitally signed
Designed to provide email recipients with proof that a message was, in fact, written by you and that the message was unaltered since you sent it
- Encrypted
Helps protect the contents of a message, ensuring that only the recipient can successfully read it
Digital signatures recognize that not all email is private and that the means to transmit email are highly susceptible to tampering. Skilled attackers can intercept email in transit, modify it, and send it to the original recipient. In this way, attackers can falsify information, give conflicting instructions, and generally disrupt business. Digital signatures place a relatively small additional load on an email, because they encrypt only a small portion of the email: the signature itself.
Tip
How often would digitally signed email be beneficial? Consider that almost everyone has received spam email claiming to be from a bank or a celebrity. If these messages were ...
Get Securing Windows Server 2003 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
