Confirmed as a thawte web of trust notary

Since a couple of days I am con­fir­med as a web of trust no­tary by thawte. So if you're loo­king for a thawte no­tary in the area of Ulm / Ger­many send me an e-mail: niels.seidel ___ nise81 __ com.

You may ask what web of trust means?

The thawte web of trust is way to en­sure the thawty Per­so­nal E-mail Cer­ti­fi­cate ow­ners iden­tity. To get a E-Mail Cer­ti­fi­cate with your own name on it you need to get con­fir­med your own identy by a num­ber of thawty no­ta­ries who can give you bet­ween 10 and 35 trust-points. Once you've collec­ted more then 50 trust-point from two to five no­ta­ries you get your Per­so­nal Cer­ti­fi­cate. If you've got more the 100 trust-point you'll be­come a no­tary by your­self.
Other cer­ti­fi­cate pro­vie­ders, e.g. Ve­ri­Sign, en­sure the iden­tity of a per­son by using a credit card which is the most se­cure way to do that as long no one has sto­len your card num­ber. Fur­ther­more the Ve­ri­Sign ser­vice is not free of charge like thawte.

Why do I need a Per­so­nal email cer­ti­fi­cate (x509)?

A thawte Per­so­nal E-mail Cer­ti­fi­cate (x509) in con­junc­tion with the thawte Web of Trust al­lows you to se­cure and gua­ran­tee aut­hor­ship of your e-mail com­mu­ni­ca­ti­ons by di­gi­tally si­gning and en­crypt­ing your e-mails. Other­wise email com­mu­ni­ca­tion is like sen­ding post­cards ever­yone can read.
It al­lows you to sign and en­crypt all your per­so­nal emails.
You can signs an e-mail so that the re­ci­pi­ent is able to ve­rify the e-mail ad­dress that the mes­sage ori­gi­na­ted from - this in­spi­res trust in those who re­ceive your email com­mu­ni­ca­tion.
You can en­crypts emails to prevent an­yone ex­cept the in­ten­ded recipient(s) from gai­ning ac­cess to the mes­sage con­t­ents. This gua­ran­tees in­for­ma­tion pri­vacy and protection.

But isn't it just enough to use PGP/GPG in­stead of com­pli­cate certificates?

Dra­w­back on PGP, GPG etc. is that every user needs to have some piece of
soft­ware in­stal­led. The ad­van­tage of x509 cer­ti­fi­ca­tes like thaw­tes free one is that al­most every e-mail cli­ent sup­ports it. In con­trast to PGP's pu­blic and pri­vate keys the thawte cer­ti­fi­cats need to be re­ne­wed af­ter one year. That im­p­li­ca­tes to in­form all your ad­dress book con­ta­cts to whom you want to send en­cryp­ted emails by using a x509 certificates.

What are the re­qui­re­ments to send en­cry­ted emails using a thatwe x509 certificate?

First of all you need to re­gis­ter for a Per­so­nal email cer­ti­fi­cate on thawte.com (that pro­ces­ses ta­kes some time and the in­stal­la­tion can be tri­cky for everyday-email-users). As well the re­ci­pi­ents of your en­cryp­ted emails needs to have a x509 cer­ti­fi­cate from thawte or any other (trust­full) pro­vi­der.
Be­fore you can ex­ch­ange en­cryp­ted mes­sa­ges with some one else you need to send him a si­gned email (=a email with your pu­blic key) to si­gnal his email soft­ware the avai­l­a­bi­lity of x509. Now the re­ci­pi­ent need to do the same to give you his pu­blic key. Af­ter the ex­ch­ange of si­gned emails you can send en­cryp­ted emails to that par­ti­cu­lar person.

Any ques­ti­ons on how on get­ting tt­hose things done? Com­ment that post or just email me.