Send/Read Signed and Encrypted Mails with Thunderbird

Send/Read Signed Email Messages

A digital signature is a combination of your private key and the message. It authenticates you as the message sender and verifies the integrity of the message.

With ActivClient, the digital signature is performed directly on your smart card.

Prerequisites:

  • Thunderbird is installed on your computer.

  • A certificate with email signature capabilities is available on your smart card.

  • You have successfully configured Thunderbird to use ActivClient, see Firefox and Thunderbird Support.

Note: The ActivClient PKCS#11 library supports CKF_PROTECTED_AUTHENTICATION_PATH flag defined in the PKCS#11 standard. Some PKCS#11 enabled applications(Thunderbird) do not support this flag; this might lead to integration issues (Sign and Encryption of mails). If you run into such issues, you might configure ActivClient to disable this feature by creating the isCKF_PROTECTED_AUTHENTICATION_PATHsupported key (as a DWORD) in HKLM\SOFTWARE\HID Global\ActivClient\PKCS11 and setting it to 0.

Send Signed Email Messages

  1. Insert your smart card (chip-side up and chip first) into the smart card reader.

  2. Start your email client.

  3. Click Write.

  4. Compose your mail and go to Security (on the top toolbar of your mail) and select Digitally Sign this message and encrypt.

  5. Click Send.

  6. Enter your PIN.

  7. Verify the sent email has been signed.

Read Signed Email Messages

  1. Insert your smart card (chip side up and chip first) into the smart card reader.

  2. Start your email client.

  3. In your Inbox, click on the signed message you want to read.

    If the sender is successfully authenticated, the message appears with a secure message icon.

Send/Read Encrypted Email Messages

Encrypting an email message guarantees that only the proper recipient can open and read the message and its attachments. Email encryption is based on the public key infrastructure.

Decrypting an encrypted email message is performed directly on your smart card for increased security.

Prerequisites:

  • Thunderbird is installed on your workstation.

  • A certificate with email signature capabilities is available on your smart card.

  • You have successfully configured Thunderbird to use ActivClient, see Firefox and Thunderbird Support.

Send Encrypted Email Messages

  1. Insert your smart card (chip-side up and chip first) into the smart card reader.

  2. Start your email client.

  3. Click Write.

  4. Compose your mail and go to Security (on top of the email toolbar) and select Encrypt this message.

  5. Encrypt your mail.

  6. Click Send.

  7. Enter your PIN.

  8. Look in your Sent Items for the sent email and verify it is encrypted.

Read Encrypted Email Messages

  1. Insert your smart card (chip-side up and chip first) into the smart card reader.

  2. Start your email client.

  3. Select the encrypted email.

  4. Enter your PIN when prompted.

  5. Read the encrypted mail in clear text.