Hello,
Martin, if I understood your answer to Marco correctly (dated Jun 9th), the main advantage of your app over the native BB S/MIME functionality is that you only use one certificate on the device to encrypt messages between the handheld and the Djigzo gateway, when a standard usage of S/MIME would require to store each recipient's certificate on the device ? Did I get you right ?
Christian
Hi Christian,
Martin, if I understood your answer to Marco correctly (dated Jun 9th), the main advantage of your app over the native BB S/MIME functionality is that you only use one certificate on the device to encrypt messages between the handheld and the Djigzo gateway, when a standard usage of S/MIME would require to store each recipient's certificate on the device ? Did I get you right ?
Yes that's correct. The certificate on the BlackBerry is used for the
encrypted and signed S/MIME tunnel between the BlackBerry and the
gateway. When an email sent with Djigzo for BlackBerry is received by
the Djigzo gateway, and the user is allowed to relay, the gateway will
then forward the message to the final recipient. Whether the forwarded
message is again encrypted (with S/MIME or PDF) is up to the Digzo
gateway settings. The main advantage of this setup is that all
certificate management can be done on the gateway.
Kind regards,
Martijn
···
--
Djigzo open source email encryption
-----Message d'origine-----
De : Martijn Brinkers [mailto:martijn(a)djigzo.com]
Envoyé : jeudi 10 juin 2010 14:52
À : users(a)lists.djigzo.com
Cc : Christian Grégoire
Objet : Re: Djigzo for BlackBerry
Hi Christian,
Martin, if I understood your answer to Marco correctly
(dated Jun 9th), the main advantage of your app over the native
BB S/MIME functionality is that you only use one certificate
on the device to encrypt messages between the handheld and the
Djigzo gateway, when a standard usage of S/MIME would require to
store each recipient's certificate on the device ?
Did I get you right ?
Yes that's correct. The certificate on the BlackBerry is used for the
encrypted and signed S/MIME tunnel between the BlackBerry and the
gateway. When an email sent with Djigzo for BlackBerry is received by
the Djigzo gateway, and the user is allowed to relay, the gateway will
then forward the message to the final recipient. Whether the forwarded
message is again encrypted (with S/MIME or PDF) is up to the Digzo
gateway settings. The main advantage of this setup is that all
certificate management can be done on the gateway.
OK. My BlackBerrys are BES-enabled. I plan to put the Djigzo gateway
in front of the Exchange server. Would that work ?
OK. My BlackBerrys are BES-enabled. I plan to put the Djigzo gateway
in front of the Exchange server. Would that work ?
Yes that should work. However, you should make sure that the special
relay email address is an email address that is not an internal mailbox
if the Exchange server otherwise the Djigzo gateway will never see the
message.
When a user sends a message from the BlackBerry with Djigzo for
BlackBerry the following should happen:
BlackBerry -> BES -> Exchange -> Djigzo (relay(a)example.com)
If the special relay email address is local to Exchange then the mail
will not be sent through the Djigzo gateway. If you do want to use an
internal email address you can set a forward to make sure the message
gets forwarded to the Djigzo gateway.
I hope my explanation was clear enough. If not I can try to give a more
though explanation.
Kind regards,
Martijn Brinkers
···
--
Djigzo open source email encryption