Digital Certificates

SAFe-mail is now able to issue all its members with a Digital Certificate.

SAFe-mail users can now take full advantage of the Public Key Infrastructure technology. It has been known for many years that PKI is the foundation of the most secure systems. Until now, however, PKI has been implemented at a painful cost to all who work with it.

Some of the problems PKI creates:

SAFe-mail is the only system that has all these components integrated into one system. This assures integrity. The main part of this assurance is that the e-mail address and the Digital Certificate are really connected to the same person and the use of that e-mail address is subject to strict authentication; this, plus the fact that the Certificate Authority, Certificate Server and e-mail server are all connected together within SAFe-mail.

SAFe-mail Certificates should be more trustworthy than any other Certificate from any known Certificate Authority (CA). This is especially true because SAFe-mail manages BOTH the e-mail address and the Certificate associated with it. With other systems, users get their e-mail addresses from one source and the Certificate from another. Consequently, situations may arise where two different users will have two different Certificates for the same e-mail address. Anomalies such as this cause great difficulties when using Digital Certificates.

Does it cost anything to get a Certificate from SAFe-mail?

No. A Digital Certificate Class 1 is created for any user that asks for it and it is free of charge. It is also free of any installation and maintenance overhead. It is issued on a yearly basis and will be automatically renewed each year providing you remain an active user on the system.

Can my Certificate be issued to any other person with the same e-mail address?

No. Once we provide a Certificate, the e-mail address is reserved on the SAFe-mail system for at least one year. Even if you cancel your e-mail account, no other person will be able to get this e-mail address until the Certificate has expired. This is not the custom of other CA's.

OK, now that I have a Certificate, how can it help me?

Possessing a SAFe-mail issued Certificate will be particularly useful when you are dealing with an organization such as a bank, health care firm or law office that will only communicate with you by e-mail if you are capable of receiving and sending S/MIME messages. Receiving and sending S/MIME messages requires you to have a Digital Certificate.
Note: communication with SAFe-mail users of the Public Site, http://www.SAFe-mail.net, or any Private Site powered by SAFe-mail, is secure and doesn't need or use S/MIME.

It's good for organizations too!

Being compatible with Certificates is particularly attractive for organizations, especially those that are capable of batch producing S/MIME messages where each message is unique. Such organizations now have two-way communication with their SAFe-mail enabled customers with complete security free of charge. The customers who are using a SAFe-mail account will receive such messages seamlessly in the same way as they are receiving any other secure message and they will be able to verify the sender's identity, the content integrity and know that it is secure.

Here are a few examples:

  1. Universities will be able to distribute exams results with full confidentiality to students. Students will be able to send confidential information to the university.
  2. Medical labs will be able to distribute test results with full confidentiality to patients, doctors and hospitals. Clients will be able to send their health related details to their doctor.
  3. Banks will be able to easily and economically distribute statements etc to customers periodically or whenever needed. Clients will be able to send personal information, money related orders etc, to their bank.
How could such a process be activated?
  1. The SAFe-mail user will ask for a Certificate from SAFe-mail. This process takes almost no time and costs nothing.
  2. Once having his certificate, the user will send a digitally signed message to the organization. This is done from the normal Compose function with one extra click on the "Sign this message" check-box. The user's Certificate will automatically be attached to this signed message as indeed it will be with any other signed message.
  3. The organization receives the user's e-mail address plus the user's Certificate and will be able to start secure communication with that customer. As this request message is signed by the user the organization can trust the authenticity and originality of the request.
Are there any other features that come with PKI compatibility which benefit organizations?

Yes, there are two?
  1. Organizations can upgrade certificates: Organizations can have their own ability to authenticate users' Certificates for their customers using a back office facility supplied by SAFe-mail.
  2. Read receipt: A back office will also enable organizations to verify when and if customers have read their messages.

A back office from SAFe-mail will be supplied on a chargeable basis.

 

Digital Certificates are now available to all SAFe-mail users. To get yours, login into you account and click on the PKI link to get it. If you do not have an account yet, you are invited to register.