The plug in is no use to me because it results in the email being encrypted and decrypted by Outlook, as a result of which some of the functionality of Outlook is lost. In particular, the preview and search functions, and I am told by MS that if there are encrypted or digitally signed emails in the personal folder the archive function will not work properly, although my own experiments suggest that this is at least not always the case, and that there are other problems with the archive function. Also, if the emails are not decrypted before they get to the email client, and
Re encryption and Outlook. My impression when using was that it [the Plugin] did de-encrypt before it placed the email in your inbox. So indexing should not be affected. I could be wrong as I did not explicitly test it.
RE diffusion. Comodo was so close to achieving this that it is really frustrating. There were two to three simple failures in my view:
[ol]- Certificate application and installation was not fully automated - & did not work in any browser other than IE. On-the-fly (no reboot, no difficult questions, just confirmation requests) app installation would have been good, too.
Emails sent unencrypted did not (by default) have a signature link to a page that allowed the receiver to initiate encrypted communication in one click. (Those sent one time encrypted did, but this was not the default setting.) Nor was there a way of the sender sending a standard ‘invitation to encrypted coms’ email - maybe this is just a paste standard phrase button
There was no simple reassuring explanation of what was going to happen and how you could control it anywhere. Nothing to say how to tell whether an email has actually been sent or received encrypted either - probably just a log would do
There was probably some lack of control on a per recipient basis. My guess is that a) by default emails should be sent unencrypted, and you should be able to state for a contact that you either want to send encrypted or want to be asked every time you send an email[/ol]
Only the last one has any complexity in it.
Probably a few other minor bits and pieces if you studied the feedback loop carefully.
To get diffusing you need to a) make it easy b) make it reassuring at every stage.
That all seems about right to me. And pgp is not a solution really because it is nowhere near being ‘diffusable’. However, I did test the plugin, and found when using the plug-in that email was encrypted and decrypted by Outlook, so that it was all stored in the email client encrypted on the private key, with the loss of functionality that goes with that.
For the time being, sending encrypted information is most easily done in my experience using encrypted pdf files, and PdfPostman by Encryptomatic utilises that. However, using an encrypted pdf does not enable the correspondent to reply with encryption, and increases the risk of indiscretion in any reply.
One general danger in all of this is the risk of the correspondent replying unencrypted in a way that includes the information that you wanted to protect. At least the MS soltuion in Outlook defaults to encryption of the reply.
You may like to watch Firetrust’s development of EncryptUs, in which they are trying to achieve what we are all looking for. They say that the first version should be released very soon, but they have been saying that for some time. I expect that we shall see it eventually.
I tend to think that Outlook’s solution would be fine if only it allowed the user to elect to have the email in unencrypted form in the email client, or at least restored the functions that are lost to Outlook in respect of encrypted email. It should not be too hard to get a correspondent to instal a certificate.
Yes - see my first paragraph. By all means check it, but I thought I had the answer. I no longer have se installed.
I cannot get the post to take when replying to your other post, so I will copy my reply here:
I thought it was nearly there too, though I never investigated the diffusion side - I tried sending an unencrypted email to one of my alternative addresses that does not have a certificate installed, with the relevant setting selected for encryption of such email, to see if the online encryption stuff worked, but had a problem - I forget exactly what it was - but I wondered whether it might be due to the fact that I was trying to read the email from the same computer as sent the email.
I have taken a brief look at the guide, but am very short of time at present and it would take a good day’s work to redraft it. Perhaps I could take a look at it if Melih decides to resume development of the program. Also, I am still having major problems with posting - its a waste of time having to post over and over again before it takes.
Thanks. I should be interested if you can set it up with the outlook plug in and so that both sent and received email are stored unencrypted by the email client, but of course verification that it actually does so is of the essence.
I can confirm this. As part of checking is I have discovered in Outlook 2003 that the way you tell is to add a column of ‘message class’ to your email folder. Encrypted emails have class IPM.Note.SMIME*. Unencrypted have class just IPM.Note.
Thanks. If I install SE again, I will try the plugin and the automatically decrypt setting (is that the one that you are referring to as achieving the desired result?), although I thought I had fully explored that option. Let’s hope that Comodo decide to resume with SE, since there is not much else to replace it. I doubt whether pgp will suffice, since it messed up my system when I last tried it.
If support is resumed and Comodo get it working again, I should be most grateful if you would let me know.