read saved encrypted mesages after certificate expires

H

HaraldS

Consider messages that were encrypted for "me" and that I saved as .msg files
in places external to Outlook.

Is readability of such messages given after my certificate expires?
Same question for messages that are kept in normal Outlook folders?
 
M

Milly Staples [MVP - Outlook]

Have you tested it? What were the results?

--
Milly Staples [MVP - Outlook]

Post all replies to the group to keep the discussion intact.
How to ask a question: http://support.microsoft.com/KB/555375


After furious head scratching, HaraldS asked:

| Consider messages that were encrypted for "me" and that I saved as
| .msg files in places external to Outlook.
|
| Is readability of such messages given after my certificate expires?
| Same question for messages that are kept in normal Outlook folders?
 
H

HaraldS

I have NOT tested it.
Moreover, I would neither know how nor want to INTENTIONALLY expire my
certificate (I'm glad I managed to get one).

Elected as a kind of Guinea pig for the department, I'm just getting used to
email encryption, and try to set up things and collect dos & donts as
diligently as possible.

AND I was assuming (perhaps erroneously so) that with Outlook, questions
like this could be answered other than by experimentation...

Meanwhile I found one weak hint, that keeping expired certificates
installed may suffice to maintain legibility. Would appreciate a more
explicit confirmation, though.
 
B

Brian Tillman [MVP - Outlook]

Meanwhile I found one weak hint, that keeping expired certificates
installed may suffice to maintain legibility. Would appreciate a more
explicit confirmation, though.
Click to expand...

I'll confirm it. Think about it. If you received a certificate in, say,
2006 that expired in 2007, while it was active people sending encrypted mail
to you using that public key. Now that it has expired, of course people
can't encrypt with that public key but mudst use the one you have now.
However, if you still have a message from 2006, how will you read it without
the private key that goes with the public key used to encrypt it? Delete
the expired cert and you lose the key.
 
Top