Installing a digital certificate in your e-mail client application allows the receiver to verify that the message has not been tampered with. Getting a certificate from a certificate authority means that the receiver can additionally verify that you -- and not a spammer -- sent the message. (Unless, of course, the spammer has stolen the certificate.)
For a certificate authority to issue a certificate to you, you must convince them that you are really you.
Comodo offer a free personal certificate and charge $7/year for commercial use. Alternatively, CAcert are free, but are still working on getting their root certificate included in the main browsers. I use CAcert.
Somewhat confusingly, the CAcert website installs the certificate automatically rather than allowing you to download it.
To get at the certificate, in Firefox go to Tools -> Options -> Advanced -> View certificates -> Your certificates.
Back up the certificate to export it, and then delete the certificate from Firefox: there is no reason for it to be in Firefox, so it should be removed.
Next, you have to get the certificate into your e-mail program. I am using Outlook 2007. It goes as follows:
Signed e-mail has a detached signature (.p7s) file attached which contains the signature and the public key.
Naturally, the process is all explained in Wikipedia. Of course, you still have to check that the attached public key does actually belong to the sender; this is the purpose of the certificate authority.
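
The two checks described above (the message is unchanged, and the signing key chains to a certificate authority you trust) can be reproduced with the openssl command-line tool. This is an added example, not part of the original post; it assumes openssl is installed, and the throwaway CA, the names and the message are constructed for the demonstration.

```sh
#!/bin/sh
# Added example: every name, address and file below is constructed for the demo.
D=$(mktemp -d)

make_ca() {   # $1 = file prefix, $2 = CN; self-signed root standing in for a CA
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$D/$1.key" -out "$D/$1.crt" 2>/dev/null
}

setup() {
  make_ca ca "Constructed Demo CA"
  make_ca other "Unrelated CA"
  # Personal certificate for the sender, issued by the demo CA.
  openssl req -newkey rsa:2048 -nodes \
    -subj "/CN=Alice/emailAddress=alice@example.test" \
    -keyout "$D/alice.key" -out "$D/alice.csr" 2>/dev/null
  openssl x509 -req -in "$D/alice.csr" -CA "$D/ca.crt" -CAkey "$D/ca.key" \
    -CAcreateserial -days 1 -out "$D/alice.crt" 2>/dev/null
  printf 'Please pay 10 EUR to account A.\n' > "$D/body.txt"
  # Clear-signed output: multipart/signed, the body plus an smime.p7s part.
  openssl smime -sign -text -in "$D/body.txt" -signer "$D/alice.crt" \
    -inkey "$D/alice.key" -out "$D/signed.eml" 2>/dev/null
  # The same message with the body altered after signing.
  sed 's/10 EUR/9999 EUR/' "$D/signed.eml" > "$D/tampered.eml"
}

# verify MESSAGE CA_FILE [extra openssl options]; prints "ok" or "FAIL"
verify() {
  msg=$1; ca=$2; shift 2
  if openssl smime -verify -in "$D/$msg" -CAfile "$D/$ca" "$@" \
       -out /dev/null 2>/dev/null
  then echo ok; else echo FAIL; fi
}

setup
echo "intact, issuing CA trusted:     $(verify signed.eml ca.crt)"
echo "body changed after signing:     $(verify tampered.eml ca.crt)"
echo "intact, issuing CA not trusted: $(verify signed.eml other.crt)"
# -noverify checks only the signature, not who the certificate belongs to.
echo "same, chain check skipped:      $(verify signed.eml other.crt -noverify)"
```

The last line passes because the signature matches the public key carried in the .p7s part; only the chain check against a trusted CA ties that key to the sender.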