FAQ -- IDseal Secure Email Service
- What is the IDzap IDseal secure email service?
- What is IDzap and what is IDseal?
- I have been using email for a long time.
Why do I want to consider IDseal secure email?
- What does IDseal offer
in terms of protecting my email?
- What are the platform requirements
in order to use the IDseal secure email service?
- I am inside a corporate firewall.
Can I use the IDseal secure email service?
- Should I access
the IDseal secure email service through an anonymous browsing service?
- Can you explain the end-to-end security
of the IDseal secure email service?
- Do I need to install cryptographic software
to work with IDseal secure email?
- What is the difference between
installing the ICE on a hard disk versus on a USB removable disk?
- Can you explain the portability
of the IDseal secure email service?
- What is the key size that the ICE supports?
- Is IDseal compatible with secure email standards?
- Can I communicate securely with
an email user who does not use the IDseal service?
- Can I communicate with an email user
who does not use secure email at all?
- Why do I want to use IDseal
instead of other OpenPGP secure email clients?
What is the IDzap IDseal secure email service?
IDzap IDseal secure email service is a web based email service
that provides end-to-end security
through an encrypted communications channel (SSL) and
the OpenPGP secure email standard.
It is web based so that you can use a browser to handle your email.
It is end-to-end secure so that
email messages that are sent in the secure mode can only be read
by its intended recipients.
What is IDzap and what is IDseal?
IDzap is the internet service company that
provides the award winning
IDsecure anonymous browsing service
and the IDseal secure email service.
IDseal is the name of the secure email service.
IDseal email accounts use email addresses
in the form of username@idseal.com.
I have been using email for a long time.
Why do I want to consider IDseal secure email?
Sending ordinary email is like sending a post-card,
in that the content of the messages is exposed.
It is possible for a system administrator
or an eavesdropper to read the email messages of other people.
And even if the message was read by others,
the email user will never know about that because
there is no "envelop" sealing the message in electronic mails.
Using an analogy to paper mail,
people will never send any important letter
without putting it in a sealed envelop.
That is why you want to use IDseal secure email.
What does IDseal offer in terms of protecting my email?
IDseal uses state-of-the-art patent pending technology to protect your email.
The following table summarizes the protection offered by IDseal
| IDseal Feature |
Requirements |
Protection |
| encrypted communications channel |
communicates with anyone at any email address, no special software required |
protects from ISP and corporate firewall admin |
| IDseal cryptographic engine (ICE) |
communicates with anyone who uses PGP-compatible secure email |
ultimate end-to-end email security |
We use a proven encrypted communication channel (SSL) between your browser
and our email servers.
That means all your email commnications between your browser
and our servers are protected.
Your ISP and your corporate firewall admin will never
find out anything about the emails that you send and receive.
This is true even if the people whom you are communicating with
do not use secure email at all.
In other words, you can enjoy the protection of the encrypted
communications channel no matter whom you communicate with,
and no matter what type of email system they use.
If you communicate with users who also use PGP-compatible secure email,
you can have the ultimate end-to-end email security
by using the OpenPGP secure email standard.
We supply an IDseal Cryptographic Engine (ICE)
which provides OpenPGP compatible strong cryptography
for the security operations
including encryption, decryption, digital signature insertion
and verification.
You can send emails in encrypted form, which corresponds to
putting your letter in an envelop.
You can also digitally sign your email,
which provides an authenticity proof to your messages.
For an encrypted email message,
only the recepients of the email who has the decryption key
will be able to read the decrypted content of the email.
Encrypting a message is actually much stronger than
putting a message in an envelop.
An envelop can still be opened by someone who intercepts the message,
but breaking an encrypted message is computationally infeasible.
What are the platform requirements
in order to use the IDseal secure email service?
To use the IDseal web-based secure email service,
you need
- A computer running Windows 98se, ME, 2000 or XP.
Support for linux is coming soon.
- A web browser (Internet Explorer, Netscape, Opera) on your computer.
- Internet access (dial-up modem, DSL, able modem, corporate network, etc.)
- An IDseal secure email service subscription. (US$15 per quarter, US$50 per year)
- The IDseal Cryptographic Engine (ICE), which can be
downloaded for free from the member's area of the IDseal web site.
You can install the ICE
either on your hard disk or on a USB removable disk.
See "What is the difference between
installing the ICE on a hard disk versus on a USB removable disk?"
for further information on the two installation options.
- (Optional) A USB removable disk (US$35, 16MB),
which can be purchased from
.
I am inside a corporate firewall.
Can I use the IDseal secure email service?
Yes, IDseal secure email service supports direct internet connections
as well as through a proxy.
If you are inside a corporate firewall, you normally need to access
the internet through a proxy server. IDseal service can work
through a corporate proxy server.
Should I access
the IDseal secure email service through an anonymous browsing service?
No, there is no need to access the IDseal secure email service
through an anonymous browsing service. Here is the reason.
Since the IDseal user uses SSL to connect to the IDseal site,
the user is already protected from the ISP and
the corporate firewall administrator.
To achieve end-to-end security, the IDseal Cryptographic Engine (ICE)
is designed to have a very tight coupling with your web browser
and the IDseal email server.
For security reasons,
the ICE will not send any data to any entity except your browser
and the IDseal server.
IDseal does work with generic proxy servers installed at
typical corporate settings.
Can you explain the end-to-end security
of the IDseal secure email service?
The system design of IDseal is shown on the page
"How does IDseal Secure Email Work?"
IDseal secure email service provides end-to-end email security
because
- IDseal uses the strongest
public key cryptography,
- IDseal is designed so that all the
cryptographic operations are performed by the ICE
plugged into your local computer.
In other words, your outgoing secure email messages
are encrypted before they leave your computer, and will remain so
until the messages arrive at the computers of the recipients.
Similarly, your incoming secure email messages are encrypted
until they arrive in your computer, in which they will be decrypted.
- All the keys (public keys and secret keys) that you need to use
are stored within the ICE folder which goes with you.
Keys are never accessible by the IDseal server.
As a result, you have end-to-end security in your emails.
Even IDzap employees will not be able to read your secure emails.
(IDseal email service is developed and operated
by IDzap LLC, who also developed and operated the
award winning IDsecure anonymous browsing service.)
Do I need to install cryptographic software
to work with IDseal secure email?
It depends. If you only want to enjoy the protection of
an encrypted communication channel so that your ISP and
your corporate firewall admin cannot know what emails
you send and receive, then you do not need to insatll any software.
All you need is a web browser, an internet connection,
and an IDseal email account.
You can communicate with anyone at any email address,
and the person whom you communicate with do not even need
to use secure email at all.
If you want to communicate with someone who uses
PGP-compatible email software (whether it is another IDseal user
or not),
you can use the OpenPGP compatible cryptographic capability
offered by the IDseal Cryptographic Engine (ICE).
In this case you need to install the ICE,
which can be downloaded for free from the member's area of the IDseal web site.
The engine can be installed on the hard disk of your computer,
or installed on a USB removable disk.
The USB removable disk is an ultra portable device
that is plugged into the USB port of the computer
and it appears to the computer as a disk drive.
The USB removable disk is available for purchase from
.
What is the difference between
installing ICE on a hard disk versus on a USB removable disk?
ICE contains cryptographic and communications capabilities.
It handles the cryptographic operations, manages cryptographic keys,
and communicates with both the web browser and the IDseal web site.
ICE is essential for accessing secure email messages.
The following table compares the two types of installation:
| | ICE installed on Hard Disk |
ICE installed on USB portable disk |
|---|
| mobility |
Can access both plain-text
and secure email messages on the computer
where ICE is installed.
Can access only plain-text email messages on any other computer. |
Can access both plain-text and secure email messages
on any computer with a USB port. |
| cryptographic keys |
Keys are stored on hard disk.
Can only access secure messages on the computer where ICE is installed. |
Keys are stored on USB disk.
The keys "travel" with you so that you can access
your secure email messages anywhere.
|
Can you explain the portability
of the IDseal secure email service?
There are several meanings of the word portability as applied
to IDseal. In the following, we assume that
a user has chosen to install the ICE on a USB removable disk.
- All the cryptographic software required by IDseal
is installed on an IDseal Cryptographic Engine (ICE).
The ICE is approximately 3-4 inches in length, thin and
very light weight. It is designed to be easily carried
no matter where you go.
- IDseal is a web based end-to-end secure email service
where you can access using a web browser.
When an IDseal user carries the USB disk,
then the IDseal user can access secure email
from any computer with a USB port,
such as those at home, office, public library,
friend's house, internet cafe, ... etc.
- The USB removable disk does not require the pre-installation
of a device driver if used on
a machine running Windows 2000, ME and XP. Hence you can
carry the ICE with you and just plug it into a machine
where you want to access your secure email from.
If you use Windows 98SE, you will need to install
a device driver, which is always available for download in
the member's area of the IDseal web site.
- In addition to carrying the cryptographic engine,
ICE also serves as a storage area for the cryptographic keys.
This means that you carry the keys with you on the ICE
anywhere you go,
and you are always ready to send and receive secure emails.
What is the key size that the ICE supports?
IDseal supports 2048/1024 bit ElGamal/DSA keys.
The number 2048 is the size of the ElGamal portion,
and 1024 is the size of the DSA portion.
Is IDseal compatible with secure email standards?
Yes, IDseal is compatible with the OpenPGP standard.
Can I communicate securely with
an email user who does not use IDseal secure email?
Yes. Since IDseal is compatible with OpenPGP,
you can communicate securelly with any email user who uses OpenPGP.
After you have exchanged the public keys with
the user who you want to communicate with,
you can start sending each other secure emails.
For example, you can send an encrypted email message to a person,
who might use, e.g. Outlook, to receive that message
and decrypt it using a PGP plug-in for Outlook.
Can I communicate with an email user
who does not use secure email at all?
Yes. IDseal secure email services supports both secure email
and plain-text email.
So you can use IDseal to send plain text email to a user
who does not use secure email at all.
To choose between sending secure email and plain-text email
all you need is to select or de-select a check box in
the email compose page.
And in this case, you are still protected from your ISP and your
corporate firewall admin by the encrypted communications channel.
Why do I want to use IDseal instead of
other OpenPGP secure email clients?
If you use traditional secure email clients, you will access
your secure email on the computer where you installed the software.
On the other hand, IDseal allows you to access your secure email
from any Windows computer with a USB port, no matter where you go.
See the question Can you explain the portability
of the IDseal secure email service?
regarding the portability of the IDseal service.
The fact that the ICE carries both the cryptographic software
and the cryptographic keys ensures that
the email system is end-to-end secure.
|
