Apple and encryption

Once you go through the process of setting up and getting a certificate from a certificate authority, signing and encrypting mail in Mail.app is remarkably transparent. But there are drawbacks, such as each computer you use for sending and receiving mail must have a copy of the certificate, and if you use a webmail client to access your mailbox, you cannot read or send encrypted or signed mail. Being locked out of webmail is a bother for people who use different computers in the day.

This could be an opportunity for Apple to deliver more value with the .Mac service: Set up a relationship with Thawte or Verisign, or even become your own certificate authority, then make the certificate registration as painless as possible. Sign up for .Mac, go through the usual setup routine, and boom, there’s your certificate.

After that, include the certificate in iSync to make it super easy for people to get it on to different machines, and also include it in the .Mac webmail interface.

All of a sudden, Apple’s way ahead of the pack in enabling painless message signing and encryption for customers around the world.