Welcome to the Office Mac Help Site About | Blog | Links | Glossary | Feedback | Downloads | Help
Search Site

Search A-Z Index

Search Tips

Browse Entourage Articles

Search Microsoft KBs

Search Blog articles 2011

Latest Updates!

Download updates from Office Mac or use AutoUpdate under Help in the menu bar. More Info on updates

Support our site SIGNUP FOR HOSTMONSTER.COM

MVP Sites
Support our Site

Digital Signatures

The act of digitally signing a message, much like the analogous act using pen and paper, is one way of certifying that you truly did compose and send a given message in an electronic medium. Assuming that you 'play by the rules' of the protocol (e.g., keep your private keys private), the recipient of your message can trust that you, and only you, sent a particular signed email, and can verify that it hasn't been changed in any way since you wrote and signed it. For example, say you want to send an email to your broker to sell 1,000 shares of Imclone stock. With a regular, plain email, how would your broker know you were the one who really requested this transaction, as opposed to someone trying to implicate you for insider trading? After all, it's not too difficult to intercept and/or spoof addresses in an email. However, if you send a digitally signed email, your broker can verify the signature on the message to see that it really was you who sent the request. Furthermore, he or she can validate that the message was not changed in any way since it left your machine. Even if someone managed to intercept the message and change the "1,000 shares" to "2,000 shares" before it reached your broker, your broker could detect this and take action accordingly. So generally speaking, you can think of digitally signing a message as a way of both 'authenticating' the identity of the sender and verifying the integrity of the message.

Note, however, that solely digitally signing a message does not keep its contents from prying eyes. The interceptor of the message above will still be able to read your email and see that you requested 1,000 shares be sold, as well as any account numbers you include; they just won't be able to modify it without detection. With digitally signed messages, sometimes the message contents are totally visible (like with any plain email) and contain the actual digital signature part as an attachment (called clear-signed), and sometimes the entire email contents and digital signature are encoded into one big blob (like a MIME-encoded message) and then sent out as the email (called opaque-signed). But in both cases, an individual who intercepts a digitally signed message, with a little knowledge, can reveal the message contents with relative ease. To sum up: Digital signatures provide no secrecy only authenticity and integrity.