Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

email encryption with Outlook?

Jun 22, 2014 12:47AM PDT

Hi there,

I would like to encrypt email communication with a Phd-colleague.
We both use Outlook 2013 on Windows 7/8.

Is there any free/open source solution to do so? I found that famous pgp work with the likes of Thunderbird but not with Microsoft Office

Happy to get some input Happy

Discussion is locked

- Collapse -
Answer
First let's discuss encryption, how far must you go?
Jun 22, 2014 4:04AM PDT
- Collapse -
Your choice on work flow. Let me share mine.
Jun 22, 2014 4:32AM PDT

At the office we fling source code back and forth but as email can get clogged up we use dropbox instead. We can zip up the set and place it on a public link and since Kees noted the password feature this could be another option.
Bob

- Collapse -
Answer
Re: encryption
Jun 22, 2014 4:15AM PDT
- Collapse -
Answer
Re: email encryption with Outlook?
Jul 2, 2014 5:55PM PDT
- Collapse -
Answer
Digital Certificates
Jul 4, 2014 7:01AM PDT

I am surprised no one has mentioned 'Digital Certificates'. A DC offers several advantages; 1) Shows that you are indeed the sender, and 2) can encrypt the contents of the e-mail message and attachments (if you so choose). That said, it is not as simple as it sounds. For an encrypted mail exchange to take place using DCs requires that both parties have a DC installed. And that they have exchanged their public keys. If only one party has a DC and the other does not it simply will not work. Some companies or educational institutions may not allow or support the use DCs, however a lot of corporations/institutions do as does the US Government. And yes Microsoft Outlook 2013 supports Digital Certificates. Just Google it and you will find a lot of information on the topic and specifically how to install a DC on your system to use with Outlook.

- Collapse -
Answer
How to resolve the issue!
Jul 18, 2014 7:06PM PDT

Just make the private key for the sender's signing certificate available on the Outlook Web Access computer.
Use a smart card that contains the recipient's encryption certificate.
Install the recipient's encryption certificate into the personal certificate store on the Outlook Web Access computer as part of the digital certificate enrollment process.
Manually import the recipient's encryption certificate into the personal certificate store on the Outlook Web Access computer.

- Collapse -
Answer
Dark Mail
Jul 22, 2014 2:15AM PDT
- Collapse -
Sadly I predict another LavaBit issue.
Jul 22, 2014 2:22AM PDT

Read up on what happened with LavaBit. Also read up on what the NSA is saying about the Tails OS, Linux Journal.

We are now extremists. That is, is the USA calling its citizens extremists?
Bob

- Collapse -
issue?
Jul 22, 2014 3:41AM PDT

Technical or something else?

- Collapse -
Huge issue.
Jul 23, 2014 1:18AM PDT

Did you see (read) what happened to the last secure system?

Do you know about TAILS (OS) and what the NSA is calling its users and along with them, The Linux Journal?
If not, you may see another train wreck but it won't be entirely your fault.

That is, it would be unfair to not tell folk up front about the risks and what happened before.
Bob

- Collapse -
Not a new issue
Aug 3, 2014 9:28PM PDT

Guys this isn't new at all. The only thing is that its more out in the open. Secure mail plattforms have arisen and closed down by officials all over the world for years now. Regardless why I would not use them for privacy reasons, not saying nor meaning that they are bad or badly implemented at all.

So my recommendation is to use what the initial starter of the thread wanted to have, a solution for end-to-end encryption with outlook.

Platforms like Lavabit can be taken down centrally, widespread end-to-end encryption solutions may not been taken down so fast regardless whether they are noncommercial like Outlook Privacy Plugin or commercial like Symanctec encryption or gpg4o. If you wanna go for S/MIME with a digital certificate I would not recommend to use the Microsoft implementation (Backdoor risk!)

It would be even better to use an other mail client which is not known to have backdoors at all. Very often the mail client may not be changed to some reason.

Best regards
Hajo