What is a digital signature?
Last modified on 21 February 2020 01:40 PM
StartMail supports the capability to digitally sign your message to another user using your PGP key pair.
Your digital signature serves a similar purpose as a hand-written signature. It authenticates the source of a message. Additionally, it timestamps and certifies that the content of a message has not been modified. It provides a way to verify the sender's identity by guaranteeing that the person sending the encrypted email is the owner of a private key that matches the sender's email address. More information can be found in our Technical White Paper here.
A user’s private PGP key is used to sign a message. The signature is verified with the user’s public PGP key. In order to verify the authenticity of the sender’s signature, the receiver must have the sender’s legitimate public PGP key.
If I have access to your private PGP key, I can impersonate you in an electronic message. Likewise, if you have an altered version of someone’s public PGP key rather than the legitimate public PGP key, I can impersonate that person with that altered key pair.
StartMail provides a setting to digitally sign every email, or you may choose to digitally sign an email while composing it.
1. To enable a digital signature on every email sent via web browser, follow these steps:
2. To choose to digitally sign an email while composing it, follow these steps:
- If a sender has digitally signed his or her email, an icon will be displayed next to the sender's name in the email.
Still haven't found the answer to your question? Click here to contact support.