Secure mail allows you to send and receive encrypted and verified e-mail over the Internet. Secure mail is now a standard feature in the Netscape and Microsoft browsers, but you must have a certificate before it will work. You also need to make sure the people you are communicating with have a certificate too. Here's how it works.
The encryption part works with a pair of keys, a public and a private key. You can encrypt a message with one key, but you have to have the other to decrypt it. You will give your public key to anyone that sends you secure mail, but you carefully guard the private key. In fact, when the private key is installed in your browser, it cannot be removed. You can even put a password on your private key so that no one else can use your computer to decrypt a message. When the sender prepares a message to you, he encrypts the message with your public key. You are the only one with the private key, so you're the only one that can open it.
How do you know the sender is really the person he says he is? The sender needs to get a set of keys too. The sender will encrypt the message using your public key and his private key. When you receive the message,you will unlock it using your private key and his public key. Because you know the sender has the only private key, you know it really came from him.
Finally, just to make absolutely sure nobody pretends to be somebody else, a third party holds the registration for all the keys. If you want to be absolutely sure Joe Doe sent you that message, you go to the Registrar and get the public key from him. The Registrar will only issue one set of keys per e-mail address. If Joe Doe told you that his e-mail address is registered, then you know for sure it's his message.
Even though all of this key stuff sounds complicated, it's easy to use. Outlook Express 5 and Netscape Messenger 4.5 or higher will automatically attach your public key to any message you send. This is known as signing your message. Communicator also automatically captures the public keys sent to you by others so that you're ready to send an encrypted message back. Outlook Express requires you to manually install other people’s keys.
Secure mail is so secure that the U.S. Government will not permit the 128-bit version to be sold outside of the U.S. and Canada. The standard 40-bit version does such a good job of encrypting your mail that it would take days with the best computers to break in. Most of us aren't sending documents worth that kind of effort to steal.