Let's take a look at some concepts before you have a digital signature of your own mail. Let's take a look at the asymmetric encryption, it is the basis of digital signatures, which uses public key / private key pairs. For data encrypted using the private key, you can only use the corresponding public key to decrypt, and vice versa. As the name suggests, the public key means a key that can be provided to many people. Instead, the private key is unique to a particular individual. The distribution mechanism for transmitting the public key to the user is a certificate. But this has a problem, that is, if A issues his certificate, so that the information passed by the public key of others can only be seen by A, but now B wants to peek at the information, he can send it to everyone. A The public key changes the current public key, and this public key is only B to see, so this system has problems. Therefore, the certification authority introduced to the certificate signature to prove the effectiveness of the certificate. Typically, the certificate issuance agency (CA) is signed to the certificate to confirm that the public key comes from the body claimed to transmit the public key. And CA is a mutual trust entity. The currently used digital certificate is an X.509 digital certificate, which not only contains the username and public key, but also contains additional information related to the user. These certificates are not just the order of stones in the number trust level. By using a certificate, CA can provide a method for the certificate recipient, which makes them not only trust the public key of the certificate main body, but also trust other information about the authority of the certificate. Additional information can include an email address, authorize a signature of a document with a certain value, and authorization to become CA and a certificate of certification, and more. X.509 Certificates and many other certificates have a valid period. The certificate will be invalid after the expiration. CA can revoke the certificate for many reasons. To revoke the certificate, CA saves and distributes a list of revocations, ie the certificate revocation list (CRL). Network users access CRL to determine the validity of the certificate. Ok, now I am starting to apply for a digital signature of my own mailbox. First come to a CA (www.thawte.com) that can apply for a personal mailbox number, there is a Free Personl E-mail certificate in its product, from this, click Jion, then follow it step by step, That is, some basic information, as long as you fill in E-mail, it is true, there is a password to remember, because this e-mail and password are the ID and passwords that will be logged in later. In step 7, you will send a mail to your email. After you go to the email, you can go to the next step. According to the probe and ping in the email, you will create your users, then you will be next to the end. , Then have a request, then select that message to obtain a digital signature message, and then never receive Thawte Personal Cert Issue in the mailbox, and then install this digital signature. After completing, you can find the certificate you apply in the certificate of the content of the browser's Internet option. Similarly, you can also log in to OutlookExpress to your mailbox account attribute to add a certificate just now, pay attention to an email usually use a certificate. If you send an email, you can add your digital signature, and accept your email. People will receive an attachment for your public key in addition to email. What are you waiting for, try it?
