Who's Secure
Support for PGP varies greatly among the Big Three vendors--Microsoft Corp., Lotus and Novell. The next release of Novell GroupWise will fully support PGP. Lotus supports PGP by offering its APIs to customers that want to build a plug-in for Notes. Microsoft has no plans to support PGP in Exchange, preferring to swing development activity to S/MIME (Secure MIME).
In fact, all three vendors permit secure message transmission using S/MIME. Senders can encrypt their messages using the recipient's public key so that the recipient can decrypt it using his/her private key, en
suring that the message has not been modified en route. Senders can digitally sign a message by encrypting it with their private keys. Then the recipient can decrypt the message using the sender's published public key to validate the identity of the sender.
Exchange Server 5.5, Notes 4.6 and GroupWise 5.2 support the option of encrypting messages by default or on a per-message basis. However, where a user's certificate and public keys are stored varies by product. Exchange stores both the certificate and the keys within the Exchange directory, while Notes stores the certificate within the user document, a collection of user attributes. Novell plans to store and manage X.509 certificates in NDS in the future. Likewise, Microsoft's upcoming Active Directory Service also will provide a storehouse for users' public key certificates.
It's no surprise that messaging vendors support S/MIME for secure transmission of messages and files, because customer demand has been building for some time. S/MIME's cause als
o got a boost when WorldTalk introduced its S/MIME Everywhere program. Aiming to eliminate the "you go first" quandary that results when one trading partner has a secure e-mail environment and the other doesn't, and hoping to promote industry endorsement of S/MIME, WorldTalk is offering organizations as many as 10 free copies of its S/MIME Secure Server messaging client.
--Nancy Cox
|
REPORTS
ANALYTICS
Follow 
