I've had to reinstall Vista (long story) and have just reinstalled Office
2003 as a part of that effort. I have my first email account set up and
receiving mail and I've also added the security program to help define the
various attachments Outlook will let me see (currently set to all). When I
send digitally-signed emails to my home account from work, Outlook won't
(can't?) open them.

My preview pane is set up on the right half of the screen and it says "This
item cannot be displayed in the Reading Pane. Open the item to read its
contents." When I double click on the message header to open it, I get a
message "Can't open this item. An error occurred in the underlying security
system." I've sent my security certificate from my computer at work to the
home computer and installed it and still nothing works. I sort of remember
going through this before when I first installed Vista and I stumbled across
"the" fix but I'll be danged if I can find it again. I'm being more careful
this time and writing down everything I'm doing as I go along.

HELP! Thanks...
--
Rich Turner
Dual Athlon Processor,
Vista-64, Office 2003

"Rich" wrote in message
...

I've had to reinstall Vista (long story) and have just reinstalled Office
2003 as a part of that effort. I have my first email account set up and
receiving mail and I've also added the security program to help define the
various attachments Outlook will let me see (currently set to all). When
I
send digitally-signed emails to my home account from work, Outlook won't
(can't?) open them.

In order to decrypt something someone sends you, you need installed on the
receiving system a digital certificate whose private key matches the public
key with which the message was encrypted. If you reinstalled your operating
system, you destroyed that certificate and unless you reinstall the
certificate you have no hope of decrypting that message. Did you make a
backup of the certificate before performing the reinstall?

I've sent my security certificate from my computer at work to the
home computer and installed it and still nothing works.

Not surprising. The certificate is specific to the mail address to which
the certificate was issued. The mail address where you work is different
than the mail address at your home and the certificate issued to the one
cannot work for the other.

If you no longer have a certificate for your home address, you'll need to
contact the Certification Authority that issued the original certificate,
have them revoke it, and issue you a new one. You can then install that new
one and send signed messages to anyone with whom you wish to exchange
encrypted mail.
--
Brian Tillman [MVP-Outlook]

The message hasn't been encrypted; it only has a digital signature attached
which, as I understand it, is different from the additional measures of
actual encryption.

And, like I mentioned, all of this was NOT necessary when I first installed
Vista/Outlook. I have never had, nor used, a certificate for home. Methinks
there is something else going on. Hopefully we can get to the bottom of this
pretty quick. Thanks for your reply.
--
Rich Turner
Dual Athlon Processor,
Vista-64, Office 2003


"Brian Tillman [MVP - Outlook]" wrote:

"Rich" wrote in message
...

I've had to reinstall Vista (long story) and have just reinstalled Office
2003 as a part of that effort. I have my first email account set up and
receiving mail and I've also added the security program to help define the
various attachments Outlook will let me see (currently set to all). When
I
send digitally-signed emails to my home account from work, Outlook won't
(can't?) open them.

In order to decrypt something someone sends you, you need installed on the
receiving system a digital certificate whose private key matches the public
key with which the message was encrypted. If you reinstalled your operating
system, you destroyed that certificate and unless you reinstall the
certificate you have no hope of decrypting that message. Did you make a
backup of the certificate before performing the reinstall?

I've sent my security certificate from my computer at work to the
home computer and installed it and still nothing works.

Not surprising. The certificate is specific to the mail address to which
the certificate was issued. The mail address where you work is different
than the mail address at your home and the certificate issued to the one
cannot work for the other.

If you no longer have a certificate for your home address, you'll need to
contact the Certification Authority that issued the original certificate,
have them revoke it, and issue you a new one. You can then install that new
one and send signed messages to anyone with whom you wish to exchange
encrypted mail.
--
Brian Tillman [MVP-Outlook]

Just as an FYI -

Our IT person at work suggested using our certificate from work to load on
my home computer. I did this yesterday and it worked. Today, it doesn't
work. I'm back to square one.
--
Rich Turner
Dual Athlon Processor,
Vista-64, Office 2003


"Brian Tillman [MVP - Outlook]" wrote:

"Rich" wrote in message
...

I've had to reinstall Vista (long story) and have just reinstalled Office
2003 as a part of that effort. I have my first email account set up and
receiving mail and I've also added the security program to help define the
various attachments Outlook will let me see (currently set to all). When
I
send digitally-signed emails to my home account from work, Outlook won't
(can't?) open them.

In order to decrypt something someone sends you, you need installed on the
receiving system a digital certificate whose private key matches the public
key with which the message was encrypted. If you reinstalled your operating
system, you destroyed that certificate and unless you reinstall the
certificate you have no hope of decrypting that message. Did you make a
backup of the certificate before performing the reinstall?

I've sent my security certificate from my computer at work to the
home computer and installed it and still nothing works.

Not surprising. The certificate is specific to the mail address to which
the certificate was issued. The mail address where you work is different
than the mail address at your home and the certificate issued to the one
cannot work for the other.

If you no longer have a certificate for your home address, you'll need to
contact the Certification Authority that issued the original certificate,
have them revoke it, and issue you a new one. You can then install that new
one and send signed messages to anyone with whom you wish to exchange
encrypted mail.
--
Brian Tillman [MVP-Outlook]

Anybody have any ideas? I'm totally SOL until I can get the issue resolved.
I know there is something that has to be done to Outlook but it's not easy
to find. I also know it can be done because it's been done before. Thanks,
--
Rich Turner
Dual Athlon Processor,
Vista-64, Office 2003


"Brian Tillman [MVP - Outlook]" wrote:

"Rich" wrote in message
...

I've had to reinstall Vista (long story) and have just reinstalled Office
2003 as a part of that effort. I have my first email account set up and
receiving mail and I've also added the security program to help define the
various attachments Outlook will let me see (currently set to all). When
I
send digitally-signed emails to my home account from work, Outlook won't
(can't?) open them.

In order to decrypt something someone sends you, you need installed on the
receiving system a digital certificate whose private key matches the public
key with which the message was encrypted. If you reinstalled your operating
system, you destroyed that certificate and unless you reinstall the
certificate you have no hope of decrypting that message. Did you make a
backup of the certificate before performing the reinstall?

I've sent my security certificate from my computer at work to the
home computer and installed it and still nothing works.

Not surprising. The certificate is specific to the mail address to which
the certificate was issued. The mail address where you work is different
than the mail address at your home and the certificate issued to the one
cannot work for the other.

If you no longer have a certificate for your home address, you'll need to
contact the Certification Authority that issued the original certificate,
have them revoke it, and issue you a new one. You can then install that new
one and send signed messages to anyone with whom you wish to exchange
encrypted mail.
--
Brian Tillman [MVP-Outlook]

"Rich" wrote in message
...

Anybody have any ideas? I'm totally SOL until I can get the issue
resolved.
I know there is something that has to be done to Outlook but it's not easy
to find. I also know it can be done because it's been done before.
Thanks,

I gave you the answer. There's nothing to be "done in Outlook" if you don't
have the original sert to reinstall.
--
Brian Tillman [MVP-Outlook]

"Brian Tillman [MVP - Outlook]" wrote in message
...

I gave you the answer. There's nothing to be "done in Outlook" if you
don't have the original sert to reinstall.

"Cert", not "sert", of course.
--
Brian Tillman [MVP-Outlook]

No disrespect but you gave me *AN* answer, not *THE* answer.

1) Why did I NOT have to do what you suggest the first time I installed
Vista and Office 2003?
2) Why did the certificate I installed from work (at the suggestion of our
IT folks) work one day and not since?
3) Why did Outlook work today when I opened an email I sent from work in
plain text (with NO digital signature)?
4) Why did Outlook work today when I opened the same exact message sent as
plain text WITH digital signature?

I understand that trying to figure out the various vagaries behind security
implementation schemes can be quite difficult and time consuming; it's always
easier to give a "pat" answer that "always" works because some people have
neither the time or the incentive to help others get to the bottom of the
issue. That's OK; that's life. Just say so and we'll part friends. Giving
an answer of "I already told you" with no other explanations smaks of an
egotistic attitude and does nothing other than insults your customers and
drives them away from your products.

Rich
--
Rich Turner
Dual Athlon Processor,
Vista-64, Office 2003


"Brian Tillman [MVP - Outlook]" wrote:

"Rich" wrote in message
...

Anybody have any ideas? I'm totally SOL until I can get the issue
resolved.
I know there is something that has to be done to Outlook but it's not easy
to find. I also know it can be done because it's been done before.
Thanks,

I gave you the answer. There's nothing to be "done in Outlook" if you don't
have the original sert to reinstall.
--
Brian Tillman [MVP-Outlook]

"Rich" wrote in message
...

No disrespect but you gave me *AN* answer, not *THE* answer.

1) Why did I NOT have to do what you suggest the first time I installed
Vista and Office 2003?

In order to read an encrypted message you MUST have a cerificate installed
that contains the private key matching the public key with which it was
encrypted. There's simply no way around that. You must have installed a
certificate when you installed the first time.

2) Why did the certificate I installed from work (at the suggestion of our
IT folks) work one day and not since?

Since I don't know exactly what you installed (I wasn't there to watch).

3) Why did Outlook work today when I opened an email I sent from work in
plain text (with NO digital signature)?

Naturally if it wasn't encrypted, you could open it. So what? It's
irrelevant.

4) Why did Outlook work today when I opened the same exact message sent as
plain text WITH digital signature?

Having a digital signature attached to a message also has nothing to do with
decrypting. A digital signature guarantees that the mesage came from the
person claiming to have sent it and also provides the public key of the
sender so that you can send that person an encrypted message.

I understand that trying to figure out the various vagaries behind
security
implementation schemes can be quite difficult and time consuming; it's
always
easier to give a "pat" answer that "always" works because some people have
neither the time or the incentive to help others get to the bottom of the
issue.

Clearly you don't have a clue as to how public key encryption works. Since
you don't, you're foolish to disregard the statements of those of us who do.
We're done. I'll bow out.
--
Brian Tillman [MVP-Outlook]

Let me say this one more time:

I AM NOT SENDING MYSELF AN ENCRYPTED EMAIL from work! How much more plain
can I make it? NO ENCRYPTION. DIGITAL SIGNATURES are NOT ENCRYPTED
EMAILS.

If I send myself a DIGITALLY SIGNED email (note I did NOT say ENCRYPTED), I
get the original error mentioned and am still unable to open the message.

If I send myself a PLAIN TEXT email with NO DIGITAL SIGNATURE (again, I did
NOT say ENCRYPTED), I am now getting something like:

======================
Received: from exanpcn27.arinc.com ([144.243.3.28])
by isp.att.net (frfwmxc10) with ESMTP
id 20081118140414M10008906ge; Tue, 18 Nov 2008 14:04:14 +0000
X-Originating-IP: [144.243.3.28]
X-AuditID: 90f3031b-ad381bb0000006a5-b0-4922cb5d8255
Received: from anpcn3.arinc.com (unknown [144.243.79.40])
by exanpcn27.arinc.com (Symantec Mail Security - Out) with ESMTP id
926984DC002;
Tue, 18 Nov 2008 09:04:13 -0500 (EST)
Received: from pfnmb1.arinc.com ([144.243.75.13]) by anpcn3.arinc.com with
Microsoft SMTPSVC(6.0.3790.3959);
Tue, 18 Nov 2008 09:03:28 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----_=_NextPart_001_01C94986.6D483807"

=============================

Everything else in the message is bounded by this type of mime-encoded
header and any binary attachments or inline pictures are all hex-coded
numbers.

There must be some setting inside Outlook or it's properties that will allow
it to decode mime-type messages. I just don't know what that is. Like I
said - it worked once when I first installed Vista and Office, now it does
not work when I had to reinstall Vista.

You said "Clearly you don't have a clue as to how public key encryption
works. Since
you don't, you're foolish to disregard the statements of those of us who
do.
We're done. I'll bow out. " Fortunately (or unfortunately as the case
may be) I do have a clue. I was around when the mechanics of public-key
encryption was detailed and discussed openly in a Byte magazine article 25
or so years ago and which also included basic program code to show how it
all worked.

My problem is how to get Outlook to display mime-formatted messages
properly. You do know what the mime format is, don't you? It is NOT
ENCRYPTION. So get off that dead horse. What I don't know are the
intricacies and obtuse control mechanisms Microsoft has used to drive the
Outlook engine. I need to know the switch to make Outlook display
mime-formatted messages properly.

Since you don't seem to be smart enough to read the question (not read into
the question) and understand the issue involved to form a coherent answer,
maybe (hopefully) someone else here can.



"Brian Tillman [MVP - Outlook]" wrote in message
...
"Rich" wrote in message
...

No disrespect but you gave me *AN* answer, not *THE* answer.

1) Why did I NOT have to do what you suggest the first time I installed
Vista and Office 2003?

In order to read an encrypted message you MUST have a cerificate installed
that contains the private key matching the public key with which it was
encrypted. There's simply no way around that. You must have installed a
certificate when you installed the first time.

2) Why did the certificate I installed from work (at the suggestion of
our
IT folks) work one day and not since?

Since I don't know exactly what you installed (I wasn't there to watch).

3) Why did Outlook work today when I opened an email I sent from work in
plain text (with NO digital signature)?

Naturally if it wasn't encrypted, you could open it. So what? It's
irrelevant.

4) Why did Outlook work today when I opened the same exact message sent
as
plain text WITH digital signature?

Having a digital signature attached to a message also has nothing to do
with decrypting. A digital signature guarantees that the mesage came from
the person claiming to have sent it and also provides the public key of
the sender so that you can send that person an encrypted message.

I understand that trying to figure out the various vagaries behind
security
implementation schemes can be quite difficult and time consuming; it's
always
easier to give a "pat" answer that "always" works because some people
have
neither the time or the incentive to help others get to the bottom of the
issue.

Clearly you don't have a clue as to how public key encryption works.
Since you don't, you're foolish to disregard the statements of those of us
who do. We're done. I'll bow out.
--
Brian Tillman [MVP-Outlook]