Secure e-mail is worth the effort

Feb 17, 2003, 3 mins
Encryption, Enterprise Applications, Messaging Apps

E-mail has been part of our personal and corporate lives for a long time, but it never has been secure.

In my book The E-mail Frontier (1994), I wrote: “Sometime within the next three to 10 years, any e-mail without a digital signature will be regarded with the same suspicion as a stranger in the airport.” A cautious statement at the time, but I never thought it would take this long to achieve secure, signed and encrypted mail.

In more ways than one, time is running out. We are nearing the end of my 10-year window, and still relatively few users or companies secure their e-mail even though much of it is sensitive. Meanwhile, estimates say that (unsigned) spam messages make up more than 50% of e-mail traffic, threatening e-mail’s very existence as a medium. And we’ve got good reason to become even more suspicious of strangers, both within airports and on the Internet. While I’ve yet to succumb to clicking on an “I Love You” or “Big Boss” letter attachment, the proliferation of such garbage in the in-box adds tension to the workday.

Perhaps it is perversity, but after receiving a signed message from a colleague at Symantec, I decided to try signing my own outgoing mail. Using Microsoft Outlook 2000, I requested a new certificate from VeriSign and set a flag causing outgoing mail to be digitally signed.

Soon, the complaints began flooding in. While many of my colleagues who also use Outlook 2000 can read the signed messages, others cannot. For example, Outlook Web Access users cannot read signed messages because Outlook does not support this capability. Nor can users of Microsoft’s Macintosh client. Nor can colleagues at a company that uses Lotus Notes, even though IBM/Lotus, like Microsoft, claims to support Secure Multipurpose Internet Mail Extensions.

There are other problems. Encryption in Outlook is a nonstarter for most people because it requires use of (usually nonexistent) recipient public keys, whereas signing requires only the sender’s. When our clients have requested encryption, we’ve had to manually create password-protected, Pretty Good Privacy self-decrypting archives.

To make signing truly worthwhile, one also should set the software to require a password or personal identification number every time the private key is invoked to create a signature. This is a pain. And while I picked a short but obscure password that’s easy to type, I am looking forward to a later experiment with smartcard fingerprint readers.

Individuals and companies can help by learning more about secure e-mail. It isn’t acceptable to send sensitive e-mail over the Internet in the clear. We shouldn’t let spammers get away with forging their “From” address. Experiment in your environment to see what can be done, and push your vendors to improve support for interoperable, secure e-mail.