The following is taken from the Microsoft Outlook Express help file.
Sending secure messages
As more people send confidential information by e-mail, it is increasingly important to be sure that documents sent in e-mail are not forged, and to be certain that messages you send cannot be intercepted and read by anyone other than your intended recipient.
By using digital IDs with Outlook Express, you can prove your identity in electronic transactions in a way that is similar to showing your driver's license when you cash a check. You can also use a digital ID to encrypt messages, keeping them private. Digital IDs incorporate the Secure/Multipurpose Internet Mail Extensions (S/MIME) specification for secure electronic e-mail.
How do digital IDs work?
A digital ID is composed of a public key, a private key, and a digital signature. When you digitally sign your messages, you are adding your digital signature and public key to the message. The combination of a digital signature and public key is called a certificate. With Outlook Express, you can specify a certificate to be used by others to send encrypted messages to you. This certificate can be different from your signing certificate.
Recipients can use your digital signature to verify your identity, and they can use your public key to send you encrypted e-mail that only you can read by using your private key. To send encrypted messages, your Address Book must contain digital IDs for the recipients. That way, you can use their public keys to encrypt the messages. When a recipient gets an encrypted message, his or her private key is used to decrypt the message for reading.
Before you can start sending digitally signed messages, you must obtain a digital ID. If you are sending encrypted messages, your Address Book must contain a digital ID for each recipient.
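The sign, encrypt, decrypt and verify sequence described above can be reproduced with the OpenSSL command line. This is an added example, not part of the Outlook Express help text. It assumes `openssl` is installed and uses throwaway self-signed certificates in place of CA-issued digital IDs; the names alice, bob, carol and example.test are illustrative.

```shell
#!/bin/sh
# Constructed demo: throwaway self-signed certificates stand in for CA-issued
# digital IDs. alice, bob, carol and example.test are illustrative names.

make_id() {  # make_id NAME -> NAME.key (private key) and NAME.crt (certificate)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1/emailAddress=$1@example.test" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# smime_roundtrip READER: Alice signs a message and encrypts it to Bob, then
# READER tries to open it. Prints the verified text; non-zero if READER cannot.
smime_roundtrip() {
    reader=$1
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        make_id alice && make_id bob && make_id carol || exit 1
        printf 'Quarterly figures attached.\n' > msg.txt

        # Sign: uses Alice's private key; her certificate is embedded.
        openssl smime -sign -text -in msg.txt -signer alice.crt \
            -inkey alice.key -out signed.eml 2>/dev/null || exit 1

        # Encrypt: needs only Bob's certificate (his public key).
        openssl smime -encrypt -aes256 -in signed.eml \
            -out encrypted.eml bob.crt 2>/dev/null || exit 1

        # Decrypt: needs the private key matching a recipient certificate.
        openssl smime -decrypt -in encrypted.eml -recip "$reader.crt" \
            -inkey "$reader.key" -out decrypted.eml 2>/dev/null || exit 1

        # Verify: the reader trusts Alice's certificate directly here; with a
        # CA-issued ID, -CAfile would name the CA certificate instead.
        openssl smime -verify -text -in decrypted.eml -CAfile alice.crt \
            -out verified.txt 2>/dev/null || exit 1

        tr -d '\r' < verified.txt   # S/MIME canonicalises line endings to CRLF
    ) && rc=0 || rc=$?
    rm -rf "$dir"
    return "$rc"
}
```

Calling `smime_roundtrip bob` prints the recovered message, while `smime_roundtrip carol` returns non-zero because the message was encrypted only to Bob's certificate.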
Where do you get digital IDs?
Digital IDs are issued by independent certification authorities. When you apply for a digital ID at a certification authority's Web site, your identity is verified before an ID is issued. There are different classes of digital IDs, each certifying to a different level of trustworthiness. For more information, visit the certification authority's Web site.
How do you verify a digital signature?
With revocation checking, you can verify the validity of a digitally signed message. When you make such a check, Outlook Express requests information on the digital ID from the appropriate certification authority. The certification authority sends back information on the status of the digital ID, including whether the ID has been revoked. Certification authorities keep track of certificates that have been revoked due to loss or termination.