Versions Compared

Old Version 1

changes.mady.by.user Dean Lane

Saved on

compared with

New Version Current

changes.mady.by.user Dean Lane

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

This will allow you to verify the authenticity of the email message and know that it did indeed come from Rice and is not some phishing or hacking attempt.

 

Currently, only messages from no-reply@rice.edu are going to be digitally signed.  These messages will appear to be from the user Automated Email and  and the certificate will be issued by by InCommon Standard Assurance Client CA.

 

The full certificate chain will look like this:

  • AddTrust External CA Root
    • UTN-USERFirst-Client Authentication and Email
      • InCommon Standard Assurance Client CA
        • Automated Email

 

You will want to verify that that the expiration date for the certificate is still valid, meaning that the date has not passed.

Image Removed

Notice in this test email, in the header of the message (in Mac Mail) there is a Security header with a checkmark and the words Signed (Automated Email).  If you were to click on the checkmark it will give you information about this signature.

What is S/MIME?

S/MIME stands for Secure/Multipurpose Internet Mail Extensions and is a standard for public key encryption and signing of MIME data (an email message). What it allows you to do is two things:

  1. Ensure to your email recipients that YOU actually sent the email
  2. Allows the possibility of sending and/or receiving email encrypted

What does this mean?

When you receive an email from the email address no-reply@rice.edu, if it has been digitally signed, you can be assured that it was sent from Rice.  If you receive mail from the address no-reply@rice.edu, but it is not digitally signed, it could be a fake, forgery or phishing attempt.

How do you know that the message is digitally signed?

This varies by the mail client that  you are using, though every mail client will do it similarly.  In general, they will all put some indicator in or around the header of the mail message to indicate that the message has been digitally signed and that the signature is valid or invalid.

Various mail clients:

Other mail clients also allow you to verify the signature but it is slightly different for each one.  Please contact your DivRep or the IT Help Desk to learn how to verify this signature in your mail client.

Anchor
#examplegmail
#examplegmail
In Google Mail (Gmail)

Currently there is no way to verify a digital signature in Google Mail.  Please use Webmail or real mail client to verify the authenticity of the digitally signed messages.  We are investigating options with Gmail.

Anchor
examplemacmail
examplemacmail
In Mac Mail

In Mac Mail, the digital signature is indicated by the Security header of the message and the presence of the check mark and the word Signed.   

Image Added

If you click on the check mark, you can get more information about the digital signature. 

Notice the certificate chain is the same that is printed at the top of this page, that the Expiration date of the certificate has not passed and that there is a green check mark indicating that this certificate is valid. 

This allows you to know that this message did come from Rice University IT and is something that  you should probably pay attention too.

 

Other mail clients also allow you to verify the signature but it is slightly different for each one.  Please contact your DivRep or the IT Help Desk to learn how to verify this signature in your mail client.

In Rice Webmail it looks like this:

Anchor
examplewebmail
examplewebmail
In Webmail

In Webmail, the digital signature is indicated in the body of the message by the Pad Lock, the word Signed and the yellow box below it.    

Clicking on the link "Automated Email (no-reply@rice.edu)" in the yellow box will display information about the signature.

Image Added

Anchor
exampleiosmail
exampleiosmail
In iOS Mail

In iOS Mail, the digital signature is indicated by the presence of the check mark beside the From address.

 

Image Added

 

If you click on the From address , you can get more information about the digital signature.

 

Image Added

 

And then clicking on verify certificate will show you this:

 

Image Added

 

Anchor
examplewindowsthunderbird
examplewindowsthunderbird
In Windows Thunderbird

In Thunderbird for Windows mail, the digital signature is indicated by the presence of an envelope icon with a red seal beside the Date stamp.

Image Added

Click on the envelope icon to display the certificate message.

Image Added

 

 

 Image Removed