[X4U] Keychain

Thomas W Noel tnoel at mac.com
Sun Dec 24 22:24:28 PST 2006 

 From Mail.app Help:

Signing and encrypting email messages
If you have a personal certificate on your computer, you can send  
signed messages (including the body of the message and any  
attachments) to anyone using Mail. Signed messages let your  
recipients verify your identity as the sender, and provide assurance  
that the message has not been tampered with in transit. A Signed icon  
(a checkmark) in the email header indicates your personal certificate  
is installed in Keychain Access.

Encrypted messages (which encrypt both the body of the message and  
any attachments) offer a higher level of security than just signed  
messages. You can only send encrypted messages when you have  
certificates stored on your computer for both you and all recipients  
of your message. The easiest way to get someone's certificate is to  
have them send you a signed email message. When you view a signed  
message, Mail automatically imports the person's certificate (or  
"public key") and stores it in your keychain. You'll know you have  
the recipient's personal certificate installed in Keychain Access if  
an Encrypt (closed lock) icon appears next to the Signed icon after  
you address a new mail message to that person.

To sign and encrypt an email message:
Choose File > New Message. In the Account pop-up menu, choose the  
account for which you have a personal certificate installed in your  
keychain. A Signed (checkmark) icon on the upper-right side above the  
message text indicates the message will be signed when you send it.  
To send the message unsigned, click the Signed icon to deselect it.  
An unsigned ("x") icon replaces the checkmark.
Address the email. An Encrypt (closed lock) icon appears next to the  
Signed icon if you have a personal certificate for the recipient in  
your keychain and indicates the message will be encrypted when you  
send it. To send the message unencrypted, click the Encrypt icon to  
deselect it. An open lock icon replaces the closed lock icon.
For security, encrypted messages are saved in your Sent mailbox in an  
encrypted format.
If you don't have a certificate for all the recipients, a dialog  
appears that allows you to either cancel the delivery of the message  
or send the message unencrypted.

If your recipients are using Mail, security headers marked Signed and  
Encrypted are visible in the messages they receive. If they are using  
an application that doesn't use signed and encrypted messages, the  
certificate might be in the form of an attachment. If your recipients  
save the attachment as a file, they can add your certificate to their  
keychain.

Since many mailing lists reject signed messages (because the  
signature is an attachment), deselect the Signed icon before sending  
a message to a mailing list.


On Dec 24, 2006, at 7:28 PM, Paul Moortgat wrote:

> Hi Tom,
>
> What can they do there?  And why do people place them?  What's the  
> purpose?
>
> Paul Moortgat
>
> On 25 Dec 2006, at 03:50, Thomas Noel wrote:
>
>> Yes, these are usually expired certificates from individuals.
>>
>> Tom
>>
>>
>> On Dec 24, 2006, at 4:53 PM, Paul Moortgat wrote:
>>
>>> I went to my Keychain Access and I found a lot of icons with a  
>>> white cross in the down right corner.
>>> When I click on these I can read that they're expired.  Is it  
>>> allowed to delete them?
>>>
>>> Paul Moortgat

More information about the X4U mailing list