Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: Use .Mac iChat certificates in Mail' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: Use .Mac iChat certificates in Mail
Authored by: larse on Nov 29, '05 09:29:55AM
If you are serious about email authentication/encryption, you would do well to get a certificate that is signed by one of the top-level CAs.

You can get one from Thawte for free: Thawte Web of Trust

[ Reply to This | # ]

10.4: Use .Mac iChat certificates in Mail
Authored by: alanr on Nov 29, '05 12:11:33PM

Hmm. Tried to go to the thawte site, but it requires one to log in, even to join.



[ Reply to This | # ]
10.4: Use .Mac iChat certificates in Mail
Authored by: pme on Nov 29, '05 02:55:58PM

That's quite expected for such service, isn't it :-)

(You also need to trusted people in person to earn points to get a certificate with your name on it. Otherwise the certificate is named after your email address.)

I've used their service since Mail.app started supporting it, and it's solid.



[ Reply to This | # ]
10.4: Use .Mac iChat certificates in Mail
Authored by: puggsly on Nov 29, '05 04:44:10PM

Ok, so I know who verisign is and I would trust them I guess but what would make them more "trusted" than Apple Computer or Microsoft or any other major company? Maybe I don't get the whole certificate thing but basically we are trusting that Apple is a real company who issues unique digital signatures to people and that if I ask them to verify who's key was used to secure an email that they will not lie.

How is one more "serious" than another? I just don't get it.



[ Reply to This | # ]
10.4: Use .Mac iChat certificates in Mail
Authored by: scott.gardner on Nov 30, '05 08:16:03PM

It's worth noting, I sent a message to Thawte on 3 separate occasions. They never responded:

Hello,

I signed up for a digital certificate a few weeks ago with you. I received and set everything up on my end, and subsequently tested a scenario to ensure the security of my email communication, as follows:

1. I sent an email from my digital-certificate signed email account (...@mac.com) to an alternate non-signed email account (...@yahoo.com), with the message body "asdf."
2. In my yahoo account, I redirected this email to a 3rd alternate non-signed email account (...@gmail.com), adding this text to the message body: jkl;
3. In my gmail account I received the redirected email with the altered message body, yet still showing signed by ...@mac.com

It appears to me that this digital signature is not accurate, because the message was altered by the recipient and then re-directed to another email. See test email chain below. I've emailed you several times regarding this issue and have not received a response.

Please advise.

Thanks,
...

Begin forwarded message:

Resent-From: ...mac.com>
From: ...@mac.com>
Date: September 2, 2005 11:36:42 AM CDT
Resent-To: ...@gmail.com
To: ...@yahoo.com
Subject: test 11:36


asdf

jkl;



[ Reply to This | # ]
10.4: Use .Mac iChat certificates in Mail
Authored by: jeffzacharias on Dec 01, '05 08:07:23PM

I tried Thawte and I don't like them. I didn't like their signup or how their whole trust system works. I trust Apple much more than a company from South Africa with and awkward system.



[ Reply to This | # ]
10.4: Use .Mac iChat certificates in Mail
Authored by: WillTBrown on Feb 06, '06 08:05:32PM

I do not have a problem with thawte, and I have been a Web of Trust notary with them for a couple years now.

The point of giving over unique, personally identifable informaiton to a Certificate Authority is that you can get your certificates trusted by a top-level third party. Having gone through the authentication process with thawte, I feel very confident with any email certifcate issued by thawte with a person's name on it.

I have also gone through the WOT assurance process with CACert.org, a group that gives out free email and SSL certificates.

Yes, you are giving out valuable information to a third party. But you do this all the time to Banks, doctors' offices, and your employer. I fear an underpaid clerk at the HR department at work selling my identity more than I do a company like thawte, which is in the business of keeping secrets, after all.

Just my two cents.



[ Reply to This | # ]
10.4: Where do I find the public key for my .Mac account
Authored by: Craigriver on Jun 02, '06 09:20:27AM

This is all very useful. Please tell me how to identify the public key for my .Mac account. I want to publish it on public key servers. Thank you.



[ Reply to This | # ]