Lotus Notes 5 (part III)

Getting a Digi-ID™

Certificate for Internet mail from Notes:

    1. Choose File - Tools - User ID.
    2. Go to the Certificates panel of the User ID dialog box.
    3. Scroll down in the Certificates Issued By list until you see the new certificates you just imported.
    4. Select your public key certificate (not the certificate authority certificates). When you select the right certificate, your e-mail address will appear in the Certificates Issued To list.
    5. Make sure that the "This is your default signing certificate" checkbox is selected.
    6. Click OK.

To use the Digi-ID™ as you send and receive e-mail from Notes:

    1. When composing an e-mail message, click the Delivery Options action button to open the Delivery Options dialog box
    2. On the Basics tab, select Sign (to authenticate the message) or Encrypt (to make the message secret), or both.
    3. Click OK.

Keep in mind that to send an encrypted e-mail to someone who is not using Notes mail, you must have that person's public key certificate in your Domino Directory. The certificate, if present, is visible on the Certificates tab of the recipient's Person document under Internet Certificates. To get more detail about a particular certificate in a Person document:

    1. Open the Person document in edit mode.
    2. Click the Examine Internet Certificates action button.
    3. Select the certificate you are interested in from the list of certificates in the Examine Internet Certificates dialog box. Details about the selected certificate will appear in the lower part of the dialog box.

If you want to send an encrypted message to someone using S/MIME and their Internet certificate is in their Person document in a Domino Directory to which you have access, no special steps are required. If you want to send an encrypted message to someone and you do not have their Internet certificate, ask that person to send you a signed e-mail message.

When you open the signed message, you will be prompted to cross certify. If you wish to establish trust with the certificate authority that issued their certificate in one simple step (in addition to trusting the user's certificate), you may select it from the Subject name list box. Confirmation that the message was signed will appear in the status bar. Then choose Tools - Add Sender to Address Book from the menu. The default action (on the Advanced tab) is to "Include x.509 certificates when encountered." When a Contact document is added to your personal address book, the sender's public key will be available to you and you will be able to encrypt messages to him or her.