SAFe-mail is now able to issue all its members with a Digital Certificate.

SAFe-mail users can now take full advantage of the Public Key Infrastructure technology. It has been known for many years that PKI is the foundation of the most secure systems. Until now, however, PKI has been implemented at a painful cost to all who work with it.

Some of the problems PKI creates:

• No mobility for the end-user. The user has to install and protect a Private Key on his own PC. That machine is the only machine from which the user can implement PKI. This negates one of the most important features of PKI which is having the ability to prove your identity with your Digital Signature from where ever you happen to be. The user can only use the machine on which the Private Key is installed to Digitally Sign documents.
  Typically, the Private Key and the Digital Certificate has to be renewed once a year.
• Requires complex systems to publish, renew, revoke and otherwise handling the Private Keys and the associated Certificates.
• Coherency problems
  Just by counting up the number of sub-systems that have to work together in harmony demonstrates that it's almost impossible for PKI to work efficiently and securely. Consider:
  Certificate Authority (CA), Register Authority (RA), Certificate Server, Revocation Server, e-mail server that issues e-mail addresses, e-mail clients and many more. All these parties/components have to cooperate and mesh together to provide an efficient PKI system.

SAFe-mail Certificates should be more trustworthy than any other Certificate from any known Certificate Authority (CA). This is especially true because SAFe-mail manages BOTH the e-mail address and the Certificate associated with it. With other systems, users get their e-mail addresses from one source and the Certificate from another. Consequently, situations may arise where two different users will have two different Certificates for the same e-mail address. Anomalies such as this cause great difficulties when using Digital Certificates.

Does it cost anything to get a Certificate from SAFe-mail?

Can my Certificate be issued to any other person with the same e-mail address?

No. Once we provide a Certificate, the e-mail address is reserved on the SAFe-mail system for at least one year. Even if you cancel your e-mail account, no other person will be able to get this e-mail address until the Certificate has expired. This is not the custom of other CA's.

OK, now that I have a Certificate, how can it help me?

Possessing a SAFe-mail issued Certificate will be particularly useful when you are dealing with an organization such as a bank, health care firm or law office that will only communicate with you by e-mail if you are capable of receiving and sending S/MIME messages. Receiving and sending S/MIME messages requires you to have a Digital Certificate.
Note: communication with SAFe-mail users of the Public Site, http://www.SAFe-mail.net, or any Private Site powered by SAFe-mail, is secure and doesn't need or use S/MIME.

Being compatible with Certificates is particularly attractive for organizations, especially those that are capable of batch producing S/MIME messages where each message is unique. Such organizations now have two-way communication with their SAFe-mail enabled customers with complete security free of charge. The customers who are using a SAFe-mail account will receive such messages seamlessly in the same way as they are receiving any other secure message and they will be able to verify the sender's identity, the content integrity and know that it is secure.

Here are a few examples:

1. Universities will be able to distribute exams results with full confidentiality to students. Students will be able to send confidential information to the university.
2. Medical labs will be able to distribute test results with full confidentiality to patients, doctors and hospitals. Clients will be able to send their health related details to their doctor.
3. Banks will be able to easily and economically distribute statements etc to customers periodically or whenever needed. Clients will be able to send personal information, money related orders etc, to their bank.

1. The SAFe-mail user will ask for a Certificate from SAFe-mail. This process takes almost no time and costs nothing.
2. Once having his certificate, the user will send a digitally signed message to the organization. This is done from the normal Compose function with one extra click on the "Sign this message" check-box. The user's Certificate will automatically be attached to this signed message as indeed it will be with any other signed message.
3. The organization receives the user's e-mail address plus the user's Certificate and will be able to start secure communication with that customer. As this request message is signed by the user the organization can trust the authenticity and originality of the request.

1. Organizations can upgrade certificates: Organizations can have their own ability to authenticate users' Certificates for their customers using a back office facility supplied by SAFe-mail.
2. Read receipt: A back office will also enable organizations to verify when and if customers have read their messages.

A back office from SAFe-mail will be supplied on a chargeable basis.

Digital Certificates are now available to all SAFe-mail users. To get yours, login into you account and click on the PKI link to get it. If you do not have an account yet, you are invited to register.