Signierte E-Mails/en: Unterschied zwischen den Versionen

ZIM HilfeWiki - das Wiki
 
(6 dazwischenliegende Versionen von 3 Benutzern werden nicht angezeigt)
Zeile 2: Zeile 2:
 
|origin=Signierte E-Mails
 
|origin=Signierte E-Mails
 
|lang=en
 
|lang=en
|translated title=Signed E-Mails
+
|translated title=Certified E-Mails
}}This tutorial provides information about the benefits and recognition of signed emails signed via the '''S/MIME procedure'''.
+
}}This tutorial provides information about the benefits and recognition of certified emails certified via the '''S/MIME procedure'''.
  
There is also the option to sign emails via the '''PGP procedure'''. For this method, users have to install additional plugin(s) and the public key of the respective sender has to be downloaded separately. In addition, the cryptographic key is not issued by a certification authority, but is generated privately.
+
There is also the option to certify emails via the '''PGP procedure'''. For this method, users have to install additional plugin(s) and the public key of the respective sender has to be downloaded separately. In addition, the cryptographic key is not issued by a certification authority, but is generated privately.
  
== Signed e-mails (S/MIME) ==
+
== Certified e-mails (S/MIME) ==
=== What is a signed e-mail ===
+
=== What is a certified e-mail ===
  
E-mail signatures are an additional protection instance to verify the sender address and the content of the message.
+
E-mail certifications are an additional protection instance to verify the sender address and the content of the message.
 
This especially helps to unmask phishing e-mails posing as popular services (e.g., online banking, parcel services, e-mail providers, etc.).
 
This especially helps to unmask phishing e-mails posing as popular services (e.g., online banking, parcel services, e-mail providers, etc.).
Phishing attempts are an increasingly frequent attack on user data and are sometimes more, sometimes less easily distinguishable from "real" e-mails. They are not based on malware, but on deceiving the recipient into believing that he or she has received a genuine request. More information about phishing including detailed examples can be found here: [https://hilfe.uni-paderborn.de/Hinweise_zu_Phishing-E-Mails Notes on phishing emails]
+
Phishing attempts are an increasingly frequent attack on user data and are sometimes more, sometimes less easily distinguishable from "real" e-mails. They are not based on malware, but on deceiving the recipient into believing that he or she has received a genuine request. More information about phishing including detailed examples can be found here: [https://hilfe.uni-paderborn.de/Hinweise_zu_Phishing-E-Mails/en Notes on phishing emails]
  
If you receive a '''signed e-mail''', you can rely both on the sender address displayed and on the fact that the content of the e-mail was not manipulated during transmission.
+
If you receive a '''certified e-mail''', you can rely both on the sender address displayed and on the fact that the content of the e-mail was not manipulated during transmission.
  
 
Therefore, pay attention to the sender address! It should '''not''' say ''benutzerberatung@upb.de.hackerparadies.com'' or anything similar.
 
Therefore, pay attention to the sender address! It should '''not''' say ''benutzerberatung@upb.de.hackerparadies.com'' or anything similar.
  
The IMT sends e-mails under '''imt@uni-paderborn.de''' or '''imt@upb.de'''.
+
The ZIM sends e-mails under '''zim@uni-paderborn.de''' or '''zim@uni-paderborn.de'''.
=== Who can sign own e-mails (S/MIME) ===
+
=== Who can certify their own e-mails (S/MIME) ===
  
Anyone who has had their identity certified by the certification authority responsible for their e-mail address can sign e-mails. During this process, the e-mail address whose e-mails are to be signed in the future must be specified. The IMT (Center for Information and Media Technologies), for example, has the possibility to issue certificates for members of the University of Paderborn.
+
Anyone who has had their identity certified by the certification authority responsible for their e-mail address can certify e-mails. During this process, the e-mail address whose e-mails are to be certified in the future must be specified. The ZIM (Center for Information and Media Technologies), for example, has the possibility to issue certificates for members of the University of Paderborn.
  
 
This includes all e-mail addresses of the following formats:
 
This includes all e-mail addresses of the following formats:
Zeile 32: Zeile 32:
  
 
More information about application: [https://hilfe.uni-paderborn.de/E-Mail_SSL-Zertifikat_beantragen Applying for an e-mail SSL certificate]
 
More information about application: [https://hilfe.uni-paderborn.de/E-Mail_SSL-Zertifikat_beantragen Applying for an e-mail SSL certificate]
== How to recognize signed e-mails? ==
+
== How to recognize certified e-mails? ==
  
E-mail programs display correctly signed e-mails differently. Usually, a confirmation icon appears in the header of the message, as well as a reference to the sender.
+
E-mail programs display correctly certified e-mails differently. Usually, a confirmation icon appears in the header of the message, as well as a reference to the sender.
  
Mobile devices (smartphones, tablets) are unfortunately an exception to the rule. The manufacturer, app used and version of the OS (Android/iOS) determine whether a notice appears or not. In our experience, most mail apps are currently unable to display the signing correctly. There are efforts by the operators to change this.
+
Mobile devices (smartphones, tablets) are unfortunately an exception to the rule. The manufacturer, app used and version of the OS (Android/iOS) determine whether a notice appears or not. In our experience, most mail apps are currently unable to display the certification correctly. There are efforts by the operators to change this.
  
In popular desktop apps, as well as Webmail, signed emails are displayed as follows.
+
In popular desktop apps, as well as Webmail, certified emails are displayed as follows.
==== Outlook ====
 
Outlook
 
==== Thunderbird ====
 
Thunderbird
 
==== Apple mail ====
 
Apple mail
 
==== Webmail ====
 
Display in Roundcube
 
Appearance in Horde
 
==== OWA ====
 
Display in OWA (via Internet Explorer)
 
  
== S/MIME signature and encryption ==
+
<bootstrap_accordion>
 +
<bootstrap_panel id="Outlook" >[[Datei:E-Mail signieren Outlook.png|600px|mini|ohne|'''Outlook''']]</bootstrap_panel>
 +
<bootstrap_panel id ="Thunderbird">[[Datei:E-Mail signieren Thunderbird.png|600px|mini|ohne|'''Thunderbird''']]</bootstrap_panel>
 +
<bootstrap_panel id ="Apple-Mail">[[Datei:E-Mail signieren Apple-Mail.png|600px|mini|ohne|'''Apple-Mail''']]</bootstrap_panel>
 +
<bootstrap_panel id ="Webmail">[[Datei:E-Mail signieren Webmail.png|592px|mini|ohne|'''Appearance in Webmail''']]</bootstrap_panel>
 +
<bootstrap_panel id ="OWA">[[Datei:E-Mail signieren OWA.png|700px|mini|ohne|'''OWA can display the certification - Unfortunately it can't be checked''']]</bootstrap_panel>
 +
</bootstrap_accordion>
  
Every signed e-mail also contains the sender's public cryptographic key. Common e-mail programs store this key with the corresponding contact in the address book. If you have the ability to sign your own e-mails, you can encrypt e-mails to the contact in question from this point on.
+
== S/MIME certification and encryption ==
  
* Signed e-mail = public key from sender
+
Every certified e-mail also contains the sender's public cryptographic key. Common e-mail programs store this key with the corresponding contact in the address book. If you have the ability to certify your own e-mails, you can encrypt e-mails to the contact in question from this point on.
 +
 
 +
* Certified e-mail = public key from sender
 
* Public key + own S/MIME certificate = option to encrypt (to the contact)
 
* Public key + own S/MIME certificate = option to encrypt (to the contact)
  

Aktuelle Version vom 30. August 2024, 11:41 Uhr

Die deutsche Version finden Sie auf der Seite Signierte E-Mails

This tutorial provides information about the benefits and recognition of certified emails certified via the S/MIME procedure.

There is also the option to certify emails via the PGP procedure. For this method, users have to install additional plugin(s) and the public key of the respective sender has to be downloaded separately. In addition, the cryptographic key is not issued by a certification authority, but is generated privately.

Certified e-mails (S/MIME)[Bearbeiten | Quelltext bearbeiten]

What is a certified e-mail[Bearbeiten | Quelltext bearbeiten]

E-mail certifications are an additional protection instance to verify the sender address and the content of the message. This especially helps to unmask phishing e-mails posing as popular services (e.g., online banking, parcel services, e-mail providers, etc.). Phishing attempts are an increasingly frequent attack on user data and are sometimes more, sometimes less easily distinguishable from "real" e-mails. They are not based on malware, but on deceiving the recipient into believing that he or she has received a genuine request. More information about phishing including detailed examples can be found here: Notes on phishing emails

If you receive a certified e-mail, you can rely both on the sender address displayed and on the fact that the content of the e-mail was not manipulated during transmission.

Therefore, pay attention to the sender address! It should not say benutzerberatung@upb.de.hackerparadies.com or anything similar.

The ZIM sends e-mails under zim@uni-paderborn.de or zim@uni-paderborn.de.

Who can certify their own e-mails (S/MIME)[Bearbeiten | Quelltext bearbeiten]

Anyone who has had their identity certified by the certification authority responsible for their e-mail address can certify e-mails. During this process, the e-mail address whose e-mails are to be certified in the future must be specified. The ZIM (Center for Information and Media Technologies), for example, has the possibility to issue certificates for members of the University of Paderborn.

This includes all e-mail addresses of the following formats:

  • *@uni-paderborn.de
  • *@mail.uni-paderborn.de
  • *@campus.uni-paderborn.de
  • *@*.uni-paderborn.de
  • *@*.upb.de

More information about application: Applying for an e-mail SSL certificate

How to recognize certified e-mails?[Bearbeiten | Quelltext bearbeiten]

E-mail programs display correctly certified e-mails differently. Usually, a confirmation icon appears in the header of the message, as well as a reference to the sender.

Mobile devices (smartphones, tablets) are unfortunately an exception to the rule. The manufacturer, app used and version of the OS (Android/iOS) determine whether a notice appears or not. In our experience, most mail apps are currently unable to display the certification correctly. There are efforts by the operators to change this.

In popular desktop apps, as well as Webmail, certified emails are displayed as follows.

Outlook
Thunderbird
Apple-Mail
Appearance in Webmail
OWA can display the certification - Unfortunately it can't be checked

S/MIME certification and encryption[Bearbeiten | Quelltext bearbeiten]

Every certified e-mail also contains the sender's public cryptographic key. Common e-mail programs store this key with the corresponding contact in the address book. If you have the ability to certify your own e-mails, you can encrypt e-mails to the contact in question from this point on.

  • Certified e-mail = public key from sender
  • Public key + own S/MIME certificate = option to encrypt (to the contact)


Further information[Bearbeiten | Quelltext bearbeiten]


Bei Fragen oder Problemen wenden Sie sich bitte telefonisch oder per E-Mail an uns:

Tel. IT: +49 (5251) 60-5544 Tel. Medien: +49 (5251) 60-2821 E-Mail: zim@uni-paderborn.de

Das Notebook-Café ist die Benutzerberatung des ZIM - Sie finden uns in Raum I0.401

Wir sind zu folgenden Zeiten erreichbar:


Mo Di - Fr
Vor-Ort-Support Geschlossen Über die Feiertage geschlossen
Telefonsupport 08:30 - 13:00 Über die Feiertage geschlossen


Das ZIM:Servicecenter Medien auf H1 hat aktuell zu folgenden Zeiten geöffnet:

Mo Di - Fr
08:00 - 16:00 Über die Feiertage geschlossen


Cookies helfen uns bei der Bereitstellung des ZIM HilfeWikis. Bei der Nutzung vom ZIM HilfeWiki werden die in der Datenschutzerklärung beschriebenen Cookies gespeichert.