First version 24 Oct 2003
Last update 15 Jan 2008

Joar Wingfors, certificates@joar.com

Spanish translation
German translation
Italian translation
Swedish translation

 
Using encryption and digital signatures in Mail

 
Introduction

Email is one of the oldest Internet technologies, designed and put to use at a time when the Internet was still a safe and friendly place. This is no longer the case, but many email servers still allow anyone on the Internet to access their services to send "spam" email, and many of us still send our account passwords and email messages in clear text over the wire.

The version of Mail that ships with Mac OS X 10.3 gained the ability to sign and encrypt email messages. This is great news, because it allows us to verify the identity of the sender of a received email message, to verify that the message has not been tampered with in transit and finally to send encrypted email messages - in other words the ability to put an envelope and a seal on our email messages.

With this web page I aim to provide a step by step guide for getting started with using these new features in Mail.

 
The Digital Certificate

In the "real world", there are several trusted authorities which specifically validate a person's identity. These identifications can be documented in the form of a driver's license or a passport. In the digital world there are similar authorities issuing digital certificates.

There are several types of digital certificates; this guide concerns email certificates. An email certificate is used to verify that the sender of an email message is indeed the owner of the email address that the message is sent from.
In other words, if you receive an email message from John.Doe@mail.com, the certificate will not tell you who the owner of that email address really is, but rather that the owner of that email address - whomever that person might be - is the one who sent the message.

You need a digital certificate to be able to sign and encrypt email messages. There are of course several Certification Authorities issuing digital certificates. In this guide we will get the certificate from Thawte, a South Africa-based company owned by VeriSign that offers free email certificates.


Note: If you are a .Mac member, and use Mac OS X 10.4, you can get a certificate from Apple instead of Thawte.
Follow the link to Mac OS X Hints at the end of this article to learn more about how to do that. It might still be a good idea to browse through the rest of this article for more in depth information on this topic.

Note: You currently need to use either Safari 1.2, or Mozilla to request and download certificates. In this guide I will only show you how to work with Safari as it makes the whole process much easier. Read the FAQ at the end of this article to find out if you would benefit from using Mozilla.
Please note that this is not idle talk; you actually do need to use one of these two web browsers, as the other browsers available for Mac OS X don't have the required support for certificates.


Head over to their site using this link and create an account by filling out the form provided when hitting the "join" button:

Thawte: Personal E-mail Certificates

Pay special attention to provide a secure password for the Thawte account. Use the Keychain Access application provided with Mac OS X to store the password, and the "challenge-response" questions you provide, as a "Secure Note".

Once the account is created you can log in to their member site using this link, and request a certificate by filling out the form provided when hitting the "request" button:

Thawte: Request A Certificate

Accept the default values on the first four pages of the form. On the fifth page choose "Accept Default Extensions". When you proceed past the sixth page a key pair will be generated and downloaded to your Keychain. If the Keychain is locked, you will be prompted to unlock it to allow the keys to be added. Accept the last page of the form to send the request to Thawte.


Note: I expect that most of us will choose to take advantage of the ability to opt-out from being contacted by Thawte, and "Thawte holding companies, subsidiaries, business partners, or representatives", about anything not directly related to our certificates. You can opt-out by submitting your email address on this page at their site:

Thawte: Opt-Out

Their privacy statement can be found here:

Thawte: Privacy Policy

This would be a good time to take a short break. Thawte is generating your new certificate, and that will take a few minutes. You can either wait for the email message they are supposed to send when done, or simply monitor the progress on the web page with your certificates directly:

Thawte: Certificate Request Status

Initially the status of your new certificate will be "pending"; when the process is complete, the status will change to "issued". Once the certificate is issued you can hit the link named "Navigator" to be redirected to a page where the details of your certificate are presented, along with a "fetch" button to download the certificate:


After you hit the fetch button the download panel will open. Once the download is complete, Safari will automatically launch the Keychain Access application to transfer the certificate.


Note: You need a separate certificate for every email address you are using.
Return to Thawte to register additional email addresses, and to download certificates for these email addresses.


 
Using Mail

To send a signed email, simply select the sign button in the new message window. Similarly, to send an encrypted message tick the encrypt button.

You should always select both buttons, if available, unless the recipient of the message has explicitly requested not to receive signed or encrypted messages.


Note: A signed message will allow you to validate the integrity of the message (i.e. that it has not been tampered with since it was signed by the sender), and the identity of the sender - but the message is still delivered in clear text, unless also encrypted. An encrypted message will protect the body of the message from prying eyes, but it is not signed.

If you have a certificate you can send signed messages to anyone, but you can only send encrypted messages when both you and all recipients of the message have certificates.
Mail needs the recipients' certificates to encrypt the outgoing message. It also requires that you, and not only the recipients, have a certificate: if it did not, you would not be able to read your sent encrypted messages later.

The easiest way to let Mail know that a recipient has a certificate, and to give Mail access to that certificate, is to have that recipient first send you a signed message (not encrypted, just signed). Mail will automatically store the certificates it receives in the Keychain for future reference.
The encrypt button will not be visible when the recipient doesn't have a certificate, or has one but you don't have a copy of it stored in your Keychain.


This is what a signed and encrypted message will look like when you're on the receiving end. The little badge with the checkmark is the seal that ensures that the identity of the sender is known to be correct, and that the message has not been modified since it was signed by the sender.

If Mail can't verify the message signature, like in this example where some text has been added to the message after it was signed, Mail will display a warning to alert the user.

 
Final Thoughts

It is my hope that Apple will establish secure email as the norm, rather than the exception, just like they helped to establish USB, WiFi, and many other technologies over the years. This is most likely impossible as long as the process of acquiring a certificate is as difficult as it is today. Apple could solve this problem by providing every .Mac member with an email certificate. In this way the acquisition of email certificates could be made completely transparent to the end user.
 
I welcome feedback, suggestions and bug reports - use the email address available at the top of the page.

 
FAQ

Q: The keychain will not import a certificate because "The specified item already exists in the keychain".
A: This is most likely because the certificate about to be added has the same email address as a certificate already in the Keychain. Inspect the imported certificates in the Keychain Access application to verify if this is the case or not.
If you have certificates for more than one email address, you possibly requested and/or downloaded the same certificate more than once.

Q: I have a certificate for my email address in my Keychain, why doesn't Mail allow me to sign or encrypt email?
A: Verify that the email address in the certificate, and the one configured for the account in Mail, are typed exactly the same - including case. Even though the two addresses "John.Doe@mail.com" and "john.doe@mail.com" would most often be delivered to the same email account, Mail still treats them as separate identities while trying to match a certificate to an account (in order to comply with section 2.4 of RFC 2821 for SMTP).

Q: Why am I not able to create encrypted messages?
A: Please re-read my note above about the requirements for sending encrypted messages. Basically what it comes down to is that Mail needs the certificate of the recipient of the message in order to be able to encrypt it.

Q: You said that you can only send an encrypted message to someone that you have previously received a certificate from - isn't this a catch-22?
A: No. There is a difference between a "signed" message and an "encrypted" message (see note above). You can send a "signed" message to anyone, thus providing that person with your certificate, which gives the recipient the opportunity to reply with an "encrypted" message.

Q: I need to use my certificate on another machine. How do I export my certificate from my Keychain?
A: Unfortunately the Keychain Access application currently (as of Mac OS X 10.3.2) cannot export a certificate into a portable format. The only workaround that I know of for this problem is to avoid downloading your certificates with Safari, and instead use Mozilla. Mozilla can export certificates into a format that can be imported into the Keychain. Instructions for that process can be found here:

Using Mozilla to download certificates

 
Email Client Compatibility

I haven't been able to find a comprehensive source of information on email client interoperability with regards to digital certificates. Please let me know of any problems you've experienced when exchanging signed and / or encrypted messages between Mail and other email clients.
Here are a few snippets of information based on feedback I have received so far:

  • While Outlook XP can read signed and / or encrypted messages sent from Mail, Mail can't open messages from Outlook XP that have been both signed and encrypted.
  • Outlook Express might have problems with certificates containing more than one email address. To avoid problems download a separate certificate per email address, rather than a certificate for all email addresses.
  • Netscape 7.01 doesn't recognize signed messages sent from Mail. Upgrading to Netscape 7.1 solves this problem.
It seems that most of the more popular email clients support digital certificates in their more recent versions. The best way to resolve problems with digital certificates is probably to make sure that you use up-to-date versions!

 
Additional Reading

Apple: Mac Help
   Mail Help > Browse Mail Help > Sending and receiving email >
      About encryption and digital signatures
      Encrypting and signing a message in Mail
   Keychain Access Help > Adding certificates to a keychain

Apple: How to Use a Secure Email Signing Certificate (Digital ID)

RSA: What is S/MIME?

Mac DevCenter: How to Set Up Encrypted Mail on Mac OS X

Mark Noble: S/MIME Secure Email for Windows users

Mac OS X Hints: Use .Mac iChat certificates in Mail

 
Document Version History

  • 24 Oct 2003 - First post.
  • 26 Oct 2003 - Fixed spelling and grammatical errors. Improved some areas based on feedback.
  • 28 Oct 2003 - Corrected statement about encryption supposedly including signing - it does not.
  • 02 Nov 2003 - Added TOC and FAQ.
  • 16 Nov 2003 - Added new links, opt-out for Thawte, compatibility info. Updated pictures.
  • 23 Jan 2004 - Added new link. Updated opt-out for Thawte.
  • 03 Feb 2004 - Safari 1.2 can download and import certificates.
  • 13 Feb 2004 - Added new link. Added FAQ item. Corrected a couple of errors.
  • 27 Feb 2004 - Added link to Spanish translation.
  • 31 May 2004 - Added link to German translation.
  • 16 Dec 2004 - Added link to Italian translation.
  • 14 Nov 2005 - Updated orphaned links to external sites.
  • 30 Nov 2005 - Added link to Mac OS X Hints article.
  • 08 Jan 2006 - Added link to Swedish translation.
  • 15 Jan 2008 - Removed broken link to French translation.