Can I verify that the digital certificate I received is really for the person I want to talk to?

In order to exchange encrypted e-mails with someone, you have to exchange your Digital Certificates which contain the public keys that you will use for encrypting your communications. In order to ensure the certificate is really for the person you want to talk to, you should either trust the certificate authorithy that signed that certificate (e.g., Verisign) or preferably, verify directly the certificate with your corespondant.

The later can be done by calling the person and once you are sure it his really the person you want to talk to (e.g, by recognizing her voice), ask her to read the certificate thumbprint. On windows computer this can be achieved by viewing the certificate in Internet explorer (tools=>intenet options=>content=>certificates=>otherpeople). The thumbprint is the last field of the certificate and is a string of number of letter like: 2d 37 0a 57 69 e2 75 39 c7 96 90 56 a2 6c 03 18 9b a9 70 1d


See, What is a Certificate Authority? How do I obtain my correspondent digital certificates?

Rate this tip: 
  • My comment
  • Comments [0]

Add new comment

To prevent automated spam submissions leave this field empty.
By submitting this form, you accept the Mollom privacy policy.

No comments available

Related content

Focus [2]

N°36 What’s Up With Educational Technology?

Computers are no longer the wave of the future, they are embedded in our daily lives and they're here to stay.  "Google" is now a verb that keeps us just seconds away from anything we want to ...

N°30 Seven Security Tips for Mobile Workers

Are you using your own Apple or Android smartphone or tablet for work? Industry researchers at IDG estimate that 84% of companies already allow this in one form or another.The benefits of this tren...

If you do not findthe answer you're looking for...

Ask your question