Years ago when I was using a PC, I bought a Verisign digital certificate to be able to send and receive secure e-mail. A few years later I bought PGP for Mac OS X, but after a re-install I didn't bother with PGP as I hardly ever used it; they've just sent me an e-mail about PGP 9, but it doesn't appear to be Tiger compatible. Anyway it got me thinking again about the whole secure e-mail thing.
Of course it's all very well being able to digitally sign e-mails with your public key, but unless you have the public key of the person you're exchanging e-mails with, you won't be able to encrypt messages to them (or or decrypt messages from them) and vice versa. As very few people use any form of public key encryption (and nobody that I know or regularly exchange e-mails with) it's kind of a waste of money.
However, yesterday afternoon, between pottering about in the garden (on a decidedly un-summery day) and getting something to eat, I did some online investigation. Buying PGP (or buying anything to secure e-mail) seemed a waste of money and in any case PGP is not yet Tiger compatible. Mac GNU Privacy Guard looked like a possibility as it's free, but installation seemed to be a pain. Mac OS X Mail Help indicated that it natively supported the sort of digital certificates from Verisign or Thawte, but Verisign looked to be very costly and more for commerce. Thawte, it appeared, produced free certificates for non-commercial e-mail use and you can have additional certificates for other e-mail accounts. I signed up. Why don't you?
Big Brother is watching us. Of course if I were to start sending encrypted e-mails all over the place, the FBI, CIA, MI5 and MI6 might suddenly get curious; I assume the integrity of my secure e-mail is safe with Thawte, else what's the point?
