ntrust Quick Reference Guide for Subscribers

advertisement
What is a PKI?
Create a Profile
Log In
PKI provides security solutions for a range of
business applications. Security features within
applications are transparent to end-users and easy to
use.
Right click the Entrust Intelligence icon,
on the
windows task bar.
Click Create Entrust Profile on the pop up menu
The wizard will guide you through.
Click the Next button
Enter the Reference number
Enter the Authorization code
Click Next
-You can accept the default location or browse
Type your name in the Profile name field
Click Next
Type your name in the profile name field
Click Next
Enter a password,
Enter your password in New Password filed
Enter your password in Confirm password field
Click Next – take a few seconds to create profile
Click Finish
Right click the Intelligence icon
windows taskbar.
Click Log in to Entrust
Public key cryptography provides the foundation of
network security through encryption and digital
signatures. Together, encryption and digital
signatures provide:
Confidentiality:
Encrypting a file so that only you and the people
you authorize can decrypt and read it.
Authentication:
Checking the digital signature of the person who
signed a file to ensure that the file really came from
that person. A guarantee of someone’s identity.
Non-repudiation
Guarantees that only the person whose digital
signature appears on the document could have
signed it. Prevents the party from denying the
transaction after the fact.
Integrity:
Ensures that a protected file’s contents are
unchanged. A valid digital signature on a file
guarantees that the file has not been altered since it
was signed.
Password Criteria





Minimum of 11 characters
1 uppercase letter
1 lowercase letter
1 digit
1 non alpha-numeric character
on your
Enter you password in the Password field
Click the OK button
The Entrust security warning dialog box appears.
This is a security feature to prevent unauthorized
access to your confidential information in your Entrust
profile.
Log Out
Right click the Intelligence icon
taskbar.
Click Log Out of Entrust.
on your windows
To Encrypt your email message
Compose your message in the Outlook new mail
message window
When you are ready to send, ensure the encrypt
button is selected.
Send the message in the regular way.
Entrust/Express will search for the certificate(s)
of your recipient(s) in the exchange directory and
then encrypt and send your message, including
attachments. A progress dialog will appear.
You can cancel at anytime by clicking cancel
If Entrust/Express can’t find a certificate for a
recipient, it will ask you to choose one yourself.
NOTE: If you wish to sign the message as
well as encrypt it, ensure that you select the
digitally sign button as well as the encrypt
button.
D/PKI/Quick reference
Timestamp when encrypting and/or signing Questions
If you select this option, Entrust/Express will
automatically timestamp all your secured messages so
that the exact time and date is affixed to the message.
By timestamping a file, you can prove that you sent the
message at a specific time and date. You can only
timestamp messages that are secured using the Entrust
format.
To send your certificate to another user
You can send your certificate to another user by using
Entrust/Express or by sending them a signed-only
message.
 In the Outlook main window, Click Express Send
my Certificate to > Entrust User or S/MIME User.
The Outlook Address Book appears.
 Select the recipient from the Outlook Address
Book and click OK. If you are sending your
certificate to an Entrust user, the validation string
will be displayed.
 Click OK.
You should also send the validation string to the user in
a secure manner. When that user imports your
certificate into his or her Entrust Address Book, Entrust
will generate a validation string. The user should check
the generated string against the one you provide. If the
two values match, the certificate is valid. If the two
values do not match, the user should ask you to resend
your certificate.
D/PKI/Quick reference
Please contact your department LRA for
assistance.
TOPICS
If you do not have a departmental LRA please call
Gordon Boone
David Hayes
DSS
DSS
453-5302
457-7876

What is PKI?

Create a Profile

Password Criteria

Log In

Log out
 SendEncrypted/Signed
message
Download