Lexmark X782e PKI-Enabled Pre-Installation Guide - Page 28

PKI Pre-Installation Guide 5.6.2 Email Encryption Emails can only be encrypted when the encryption certificate can be found for each of the recipients - this limits encrypted emails to those users in the global address book. The encryption certificate on the card (if available) is used for the authenticated user if he/she sends email to his/herself. 1. This feature can be always disabled, always enabled, or the user can be prompted. The prompt that appears depends on the signing setting. □ Always Disabled □ Always Sign □ Prompt User 2. When the email is both signed and encrypted, it can be signed once or twice. When signed twice, the email is signed, encrypted, and then the resulting message is signed again. Choosing the double-signing methods reduces the maximum allowed email size to approximately 15MB. Which method should be used? □ Sign and Encrypt □ Sign and Encrypt and Sign Again 3. The LDAP configuration designated for the Address Book Lookup in section 5.5 is used for searching for the encryption certificates. A primary and alternate LDAP attribute can be specified for the location of the user's certificates. The defaults are "userSMIMECertificate" and "userCertificate", respectively. If different attributes should be used, specify below. Primary LDAP Attribute Alterrnate LDAP Attribute The primary attribute is searched first; if no valid encryption certificate is found, the alternate attribute is searched. If no valid certificate is found, an error message is displayed and the email is cancelled. 5.6.3 Results The following table details the results based on the email signing and encryptions specified above. Version 2.0.0 Page 24