home | album | growth | mementos | musings | people | ventures

Thawte Web Of Trust Notary

Among my other geek activities, I am a notary in the Thawte Web Of Trust.

E-mail me at the address on my home page if you want me to verify you, or if you have questions you want to ask. I don't put my email address on all my pages because I am sick of spam.

In an over-simplified summary, Thawte has a program where they issue free digital certificates for email. There are normally two things you use these for.

Using the analogy of a regular post office, regular email is like a post-card written in pencil. Anybody who works for the post office can read it. Anybody who intercepts your mail can read it. Anybody could alter it. The first use, a digital signature, is like writing your postcard in a special ink. If the message is altered at all, everybody who reads it will know. The magic-ink postcard can still be read by anybody, however. The second use, encryption, is like putting your message in an armored car, then mailing the armored car. It is vulnerable when you put it in the car and take it out. While it is in transit, nobody can see the message, only the armored car.

The most common use of certificates is for digital signatures. That lets you sign messages electronically. They are made so that nobody can forge your signature. If the message is altered then the signiture will not match, and if somebody has a message you signed, they can prove that you signed it even if you try to deny it.

Digital certificates can also be used to encrypt email, making it so that only the sender and receiver can understand it. NOBODY ELSE, no government, no business, no criminals, no police, not the companies who assured your idenity (Thawte, VeriSign, or other CA's), absolutely nobody except the people in the TO and the FROM are able to read the message. Both people need to have a certificate in order for this to work.

Now for the disclaimer. There is a mathematical possibility that somebody could decypher or forge a signature. With the state-of-the-art today, if every computer on Earth were to work for trillions of years, they could only find one, or maybe two, messages. Even the way computer technology is growing, it would take decades and billions of dollars worth of equipment to decode the messages. It would be cheaper and faster to steal your computer and break your password then to decrypt the message. It is not unbreakable, it just makes transportation unbreakable. With encryption, the weakest link is you and your computer, not the mail system.

Valid XHTML 1.0! Best with any browser campaign