| Under Construction   
Thawte, a South African based company, has adapted the Web of Trust idea to the issuance of X.509 Certificates
through a network of Digital Notaries.  You  present proof of identity to
 Notaries and can then request a certificate.See: Secure Email and Notaries (You must join first)
   Thawte WoT Notarization procedures
Source: WebWarren.com/ACGNJ-talks/Go to the Thawte web site (
https://www.thawte.com/) and see Web of Trust Overview
for a description of the certificates and their uses.
[NOTE: Your Thawte ID can be either your verified e-mail address or the nid-1 (Namespace ID) format,
YOUR choice. (Personally, I'd suggest an e-mail address that's unlikely to change.)]Sign up for the Freemail certificate program by choosing the 
Secure Your E-mail link.Respond as requested to the e-mail verifying your e-mail address. Once you submit the the probe and ping you do not
have to request a certificate immediately (see next step).
You may be asked for the following:
Character Set (Use ISO-8859-1 - Latin-1 for western european and US)
 Your national identification number, passport number, driver license number or tax number, depending on your nationality.
  Your full name and date of birth.
  Your Email Address to be used as your Thawte Username
  Your employer's name, size and address (if you are employed).
  Your home address and contact details.
  Your preferred currency.
Unless you NEED a certificate prior to getting all your notarizations, WAIT  until after you have been asserted
to the 50 point level and can get certificates with your name in them.  Notaries can assign between 10 and 35 points. Go to View Notary Map at Find a Notary (You must join first). Go to Country > State > County to find a notary.
 Then select allow notary to view your details.
Have a photocopy of the below ID(s) for each Notary who will be asserting you. Bring one or more forms of ID with you to the meeting.  One needs to be a photo ID, one must have what you are using
as your "National Identification Number" (NID).  If you use your Driver's License Number or passport number for your NID a photo Driver's
License or passport alone would be enough.  If you use your Social Security Number you must present your ORIGINAL Social Security
Card plus a photo ID.You will get e-mail to confirm that you have just been notarized.
It will tell you to the Certificate Request Page at Thawte.
You can request a certificate specifying your software (Netscape, Outlook, ...) For an X.509 certificate, please choose your software from the list below:
 * Mozilla Firefox/Thunderbird, Netscape Communicator/Messenger
 * Microsoft Internet Explorer, Outlook and Outlook Express
 * Lotus Notes R5
 * OperaSoftware Browser
 * C2Net SafePassage Web Proxy
 
See:How to Set Up Encrypted Mail on Mac OS X | O'Reilly Media
 Note: For Mac Mail you need to specify "test".
 You also need to specify a password
 See:
 good passwords.
 How to setup mail.app to use a Thawte Certificate at massPerception.com
 OS X 10.3: Mail - How to Use a Secure Email Signing Certificate (Digital ID) at support.apple.com
 
 You will get another e-mail from Thawte saying "Personal Cert Issued",
with a link to a page where you can download it.Notes:
 
 
Common filename extensions for X.509-certificates are:You  need to be running the same browser, on the same machine, logged in as the same
user, as you were when you made the request.
Some browsers will download the certificate when you click fetch without any indication that they did anything.  Most email software has an option to view your certificate where you can verify you got it.
Newer versions of the Safari browser on the Macintosh will automatically put the certificate in your Keychain where Mac Mail can find it, but you may have to move it to use Thunderbird.
 
    * .DER - DER encoded certificate
    * .PEM - (Privacy Enhanced Mail) Base64 encoded DER certificate,
    * .P7B - See .p7c
    * .P7C - PKCS#7 SignedData structure without data, just certificate(s) or CRL(s)
    * .PFX - See .p12
    * .P12 - PKCS#12, may contain certificate(s) (public) and private keys (password protected)
See: Download Personal Email Certificate at ThawteX.509 at wikipedia
 Server Certificates at CMU
 Certificates at MIT
 Import and Export (Backup) Personal and CA Certificates into and from Applications at Fermi Lab
 
Notary Points:
 
New notary: 10 points             After 15 assertions: 25 points 
After 5 assertions: 15 points     After 25 assertions: 30 points 
After 10 assertions: 20 points    After 35 assertions: 35 points 
Thawte Main Office: Cape Town, South Africa.
 +27 21 937 8902
 
US Office: Mountain View, CA+1 650 426 7400
 cs-support@thawte.com
 
Thawte Links:www.thawte.com/wot/index.html
 Web of Trust Overview
 Protect your E-Mail Guide www.thawte.com/guides/download/wot_dl.html
 Other security Guides www.thawte.com/guides/
 You can request a free personal e-mail certificate at:
www.thawte.com/email/index.html
 Secure Your E-mail
 You may have to have an account and login to see the following:
 Step-by-step Guide
 Your Account
 NJ Notaries
 Request a Certificate
 Tech Support
 
 
Misc Notes:Their web site is very confusing:
In one place it asks you for your Certificate code:
There is not certificate code for personal email  certificates.
 Uses:
 Restrict access to a Web site to people with certificates.
 e.g. by setting up access control lists in each directory you want to restrict.
 
 
Links:Thawte FAQ 1
 Return to Computer Security
 
last updated 5 Feb 2006 |