Step-by-Step Guide to Public Key Features of Outlook 2000

This step-by-step guide details basic features related to the Public Key Infrastructure (PKI) in Microsoft® Outlook® 2000 messaging and collaboration software. In particular, it describes how to configure Outlook 2000 to send signed and encrypted e-mail messages using the Secure Multipurpose Internet Mail Extensions (S/MIME) mail standard.

On This Page

Introduction
Configuring Outlook 2000 for S/MIME Secure Mail
Sending Digitally Signed Messages Using Outlook 2000
Obtaining a Copy of Someone's Public Encryption Key or Certificate
Sending Digitally Encrypted Messages Using Outlook 2000

Introduction

This step-by-step guide explains basic features related to the Public Key Infrastructure (PKI) in Microsoft® Outlook® 2000 messaging and collaboration software. In particular, it describes how to configure Outlook 2000 to send signed and encrypted e-mail messages using the Secure Multipurpose Internet Mail Extensions (S/MIME) mail standard.

Requirements

You must be running the Windows 2000 operating system. The most current information about hardware requirements and compatibility for servers, clients, and peripherals is available at the Windows 2000 Hardware Compatibility site (https://www.microsoft.com/windows2000/server/howtobuy/upgrading/compat/default.asp).

Configuring Outlook 2000 for S/MIME Secure Mail

It is assumed in this guide that you have already installed Outlook 2000 and have configured it to send and receive mail through your mail server.

1. Open Outlook. From the Tools menu, click Options, and then click the Security tab. The summary pane for security options appears (see figure 1).

   

   Figure 1: Security Tab

2. Click the Setup Secure E-mail button under the Secure e-mail section (see figure 1 above). The Change Security Settings dialog displays.

   

   Figure 2: Security Settings

   Outlook 2000 views your certificates, determines which ones are valid for e-mail encryption and digital signatures, and chooses a certificate for each. If the certificates that Outlook selects are not the ones you want to use with Outlook 2000, you can change the default selections:

   • Click the Choose button in the Signing Certificate section to select a certificate to use for e-mail digital signatures.

   • Click the Choose button in the Encryption Certificate section to select a certificate for e-mail encryption.

3. Click OK to close the Change Security Settings dialog box and return to the Options dialog box.

4. If you want to digitally sign all e-mail messages that you send, click the Add digital signature to outgoing messages option. (You can also add digital signatures to messages on a per-message basis as described below.)

5. If you want to encrypt all e-mail messages that you send, select the Encrypt contents and attachments for outgoing messages option. (You can also encrypt individual messages on a per-message basis as described below.)

6. Click Apply, and then click OK to close the Options dialog box.

7. On the Tools menu, click Services, and click the Addressing tab.

8. Under Show this address list first, select Contacts from the drop-down list.

9. Under When sending mail, move Contacts to the top of the search order and Global Address List to the bottom. Click Apply, and then click OK.

Sending Digitally Signed Messages Using Outlook 2000

To send a digitally signed message

1. Click the New Mail Message button to create a blank message.

2. In the To field, type in the e-mail address of the intended recipient.

3. Add your text to the Subject field and to the body of the message.

4. Click the Options button, or, on the View menu, click Options. The Message Options dialog box appears.

5. Click the Add digital signature to outgoing message option.

6. Click Close to close the Message Options dialog box, and then click the Send button to send the signed e-mail message.

Obtaining a Copy of Someone's Public Encryption Key or Certificate

An encryption certificate belonging to the intended recipient of your e-mail message contains a copy of his or her public encryption key. One way to get a copy of an encryption public key is to have the recipient send you a digitally signed message.

To save copies of the digital certificates sent with a signed message

1. Open a signed message. These are denoted by the red seal attached to the envelope icon in the Inbox.

2. Right-click the name of the sender in the From field and select Add to Contacts, and then click Save and Close to add the user and the public key certificate to your addressing store.

Sending Digitally Encrypted Messages Using Outlook 2000

To send someone an encrypted message, you must first have a copy of his or her public encryption key or encryption certificate (the certificate contains a copy of the public key). In this section, it is assumed that you have already obtained the recipient's public key certificate and that the recipient is in your Contacts list.

To send an encrypted mail message

1. Click the New Message button, or click New Mail Message on the Actions menu.

2. In the To field, type in the recipient's e-mail address.

3. Add your text to the subject field and body of the message.

4. Click the Options button, or, click Options on the View menu. The Message Options dialog box appears.

5. Select Encrypt message contents and attachments.

6. Click Close to close the Message Options dialog box.

   Click the Send button to send the encrypted e-mail message.

   • You do not need your private key to send encrypted e-mail because the encryption occurs using the public key of the recipient.

   • You do need your private key to read an encrypted e-mail because the decryption requires the private key that corresponds to the public key used to encrypt the e-mail.