|
How does IDseal secure email work?
IDseal secure email is based on
state-of-the-art proven strong encryption technologies.
The two major security features in IDseal secure email are
- encrypted communication channel (SSL)
- IDseal cryptographic engine (ICE)
We examine here the two features in detail.
1. Encrypted Communication Channel (SSL)
As shown in the figure above, the communications between
your web browser and the IDseal secure email server are performed
over a proven encrypted channel (SSL).
This channel protects all your emails from being read by
your ISP and your corporate firewall admin person.
This feature is always available for all your email messages,
no matter whom you communicate with.
This is true even for those people who do not use secure email at all.
In other words, you are protected from your ISP and your firewall admin
when you communicate with any person at any email account using
any email software.
2. IDsecure Cryptographic Engine (ICE) that supports OpenPGP Secure Email Standard
If you communicate with a person who also uses OpenPGP compatible secure email
(whether it is another IDseal user or someone who uses
other PGP-compatible software),
you can enjoy ultimate end-to-end email security offered by OpenPGP.
The IDseal Cryptographic Engine (ICE), available for download
from the member's area of the IDseal web site,
provides the encryption, decryption, and digital signature functions
that are compliant with OpenPGP.
The following diagram shows the data path
for sending and receiving both plain-text and secure emails.
The IDseal secure email service supports both plain-text and secure email.
In the plain-text mode, the service
behaves just like oridinary web based email.
Of course, even when you are sending and receiving plain-text email,
you are still protected from your ISP and the firewall admin
by the encrypted channel.
When a user wants to send a secure email,
it is done by checking the Encrypt and/or Sign boxes
on the email compose web page.
Then the browser will send the message to ICE for
encryption and/or digital signature insertion.
After this step ICE sends the secured message to the email server.
Since the cryptographic operation is performed by ICE
on the computer that you use,
you and the intended email recipients are the only people
who will be able to read the email.
Everybody else (e.g. your ISP, firewall admin person, IDzap employees, etc)
will not be able to read the content of your secure email.
Similarly for incoming emails, the service behaves just like
oridinary web based email.
The difference is that when an encrypted and/or signed email is received,
you can decrypt the message and/or verify the digital signature
by simply clicking a button on a web page.
Then the message will be transmitted to ICE for decryption
and/or signature verification.
After this step ICE sends the result to the web browser
for presentation to the user.
Again, you are the only person who will be able to read
the decrypted message since the decryption is performed
on the computer that you use.
ICE can be installed on your hard disk or on
a USB removable disk, which can be purchased from
the IDzap subscription page.
The advantage of installing ICE on a USB removable disk
is that you can carry it with you anywhere you go,
and can access your secure email messages
from any USB capable Windows computer anywhere.
(Linux support will be available soon.)
Hence you can use any computer (in the office, at home,
in internet cafes, in public libraries etc) to access
your IDseal secure email.
Please refer to the FAQ
for further details.
|
