Secure Email for Lawyers

Digi-Mail™ Service - Case Study


PDF As a profession synonymous with the written word and the ‘right to a fair trial’, technology has been slow to enter the halls of justice. The technological advances that have been made are usually introduced through the governing bodies or legal associations.

The Pennsylvania Board of Law Examiners grants admission to the bar in the commonwealth of Pennsylvania. Traditionally, test papers, exams and essays were distributed on paper. Professors and Administrators prepared the necessary documents and drafts were marked, re-marked and finalized before being sent for secure printing. Students who sat these examinations or submitted essays and term papers, also used traditional paper-based methods. Exam’ results and term papers were also graded manually and on paper.

The use of email in academia is now commonplace. All aspects of college and university communications are electronic wherever possible. This proliferation of technology prompted the Pennsylvania Board of Law Examiners to find an electronic solution to ease the most laborious component of their environment: term paper grading.

Selecting a Solution

      The process of preparing a term paper involves several contributors. These Professors must exchange ideas, agree test principles and set the term paper requirements. This preparatory work must be kept secret if the Board is to keep its reputation. In electing to use secure email, the primary objective was absolute security.

On the understanding that security was central to the solution, issues relating to deployment of the software and subsequent management of users were examined. It was obvious that a software solution would create more problems than it would actually solve. A student recommended that the Board look to Digital Certificates to solve these issues.


      Microsoft®, Lotus Notes®, Mozilla, Eudora®, Thunderbird and most email software in the market today are all compliant with the x.509 Digital Certificate standards. This means that regardless of what email software a person uses for their email, they are guaranteed that it works with Digital Certificates.

This realization solved most if not all of the Board’s issues, all they required now was the Certificates themselves. To do this, the existing Traditional CA system had to be migrated to Digi-CA™ using three simple steps:

          1. Export & Import
          2. Renewal Change Over
          3. Revokation & Reissue

1. Export& Import

          By exporting all of the Digital Certificate data, and user information, from the Traditional CA, this data can be imported directly into the Digi-CA™ Service system. By doing this, the Traditional CA can be shut down immediately because Digi-CA™ is capable of managing multiple Certificates, regardless of the original vendor. There is no loss of service and the total environment continues to operate without interruption.

2. Renewal Change Over

          Most CAs reissue Digital Certificates each year and revoke the previous year’s Certificates in the process. This Certificate Renewal Process is an ongoing component of the CA environment.

    Working with the Certificate Policy for validating users, the Digi-CA™ system simply switches the older Digital Certificate for the new Certificate during the Renewal Process. The end user experiences no interruption of use and often can be completely unaware that the Legacy CA has been replaced by the new Digi-CA™ system.

3. Revokation & Reissue

          In some cases the Traditional CA is too inflexible to use either of the previous migration methods and the simplest solution is to revoke all of the older Certificates and issue the new ones as required.

The Migration Experience

      The Renewal Change Over process was used in this Digi-CA™ Service case. Insurecom used the Certificate Renewal Process to replace the older Certificates with Digi-CA’s™ and migrated from the Legacy CA to complete the process during the course of the year.

There was no service interruption, no loss of access and no ‘down time’ in the process. The resources used in the migration were no more than had been used in the operation of the Legacy CA and the entire environment continued to operate uninterrupted.

Solution’s Day-to-Day Operation

      The Insurecom system operates more efficiently and uses less human resources than was the case with the Legacy CA.

Insurecom enjoyed the benefits of Digi-CA™ without the usual complications associated with migrating from one system to another. For Insurecom, the decision to migrate was a difficult one, but one that reaped significant rewards.

A Simple, Cost Effective Solution

      It is worth noting that in addition to the time and human resource savings afforded to Insurecom as a result of migrating from the Legacy CA to Digi-CA™, the annual subscription costs are lower too!