Re: Email encryption with Blackberry

[gjgowey () tmo blackberry net]

I'm curious.  This is a far different response than I got from rim when I talked to them on the phone.  They said to me 
that I couldn't use the s/mime solution from them because it required a bes server and that the crypto actually took 
place on the bes server and not the phone.

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: "Roger A. Grimes" <roger () banneretcs com>

Date: Sat, 13 Oct 2007 14:11:03 
To:<gjgowey () tmo blackberry net>,"soul" <soul1273 () yahoo fr>,<security-basics () securityfocus com>
Subject: RE: Email encryption with Blackberry


Yes, you can use S/MIME with Blackberries.  You have to obtain the RIM
S/MIME Package, which is an add-in to the regular RIM desktop client.
Then you MUST connect your Blackberry to the desktop with a physical
cable (serial, USB, etc.).  The S/MIME package downloads the installed
S/MIME keys from desktop/laptop computer to your Blackberry where they
can be used to read and encrypt/sign email in the Blackberries.
Unfortunately, creating encrypted email on the Blackberry isn't super
easy, but at least your end-users can read encrypted email easily.

You'll need to make sure that any the S/MIME keys needed (including the
public keys from others) are installed on the desktop before sync'ing
the S/MIME Package to the Blackberry, so it can transfer the keys.  And
if an new public key is sent to the user, they'll have to re-sync to get
the new key.

Also, you must have a Blackberry model capable of supporting S/MIME,
which the most current models do.

Roger

*******************************************************************
*Roger A. Grimes, Senior Security Consultant
*Microsoft Application Consulting and Engineering (ACE) Services  
*http://blogs.msdn.com/ace_team/default.aspx
*CPA, CISSP, CISA MCSE: Security (2000/2003), CEH, yada...yada...
*email: roger () banneretcs com or rogrim () microsoft com
*Author of Windows Vista Security: Security Vista Against Malicious
Attacks (Wiley)
*http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470
101555
*******************************************************************



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of gjgowey () tmo blackberry net
Sent: Thursday, October 11, 2007 2:49 AM
To: soul; listbounce () securityfocus com;
security-basics () securityfocus com
Subject: Re: Email encryption with Blackberry

I can't give any definitie answers about the rim s/mime product, but I
can note a few things.  I have a thawte freemail cert and my blackberry
can import the cert without problem.  The steps are to get the cert from
thawte on the desktop, export it to file, and use the blackberry desktop
to push the cert onto the blackberry.  

Now I can't tell you anything further than that since I don't have the
s/mime product, but I know that much works.  I'm imagining though that
the next few steps from there to make that cert work with s/mime
probably aren't that many.  

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: soul <soul1273 () yahoo fr>

Date: Thu, 11 Oct 2007 06:39:40
To:listbounce () securityfocus com, security-basics () securityfocus com
Cc:gjgowey () tmo blackberry net
Subject: Email encryption with Blackberry


Hi all
We are trying to implement an email encryption solution for our users.
Our environment is Microsoft Exchange and Oulook 2003 client. the Top
management use Balcberry.
We chosed the Verisign Digital IDs certificate to encrypt ans sign email
with S/MIME in outlook 2003.

We want now to enable email encryption on the Blackberry using the same
Verisign certificates.
Is this possible? and how to do it? can the Balckberry email client use
the certificate to encrypt the email?

Thank you.
Soul


________________________________________________________________________
_____ 
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo!
Mail