How does Secure Email work?
The exchange of secure emails is based on digital certificates used for both signature and encryption. This means that the certificates practically act as digital passports.
The digital certificate can be used to send electronically signed emails. Any modifications in transit can be detected, and the origin of the email can be unambiguously identified. This guarantees email authenticity and integrity.
Encryption is used to send confidential information on a secure basis. Again, the recipient's certificate (public key) is required. Therefore, the public keys must be exchanged prior to the first use of encryption. In the case of S/MIME, the exchange of signed emails is usually sufficient. The digital certificate will be available in the email program after automatic or manual import. For PGP, the public PGP key must be sent as an email attachment.
The PKI of Carl Zeiss AG consists of a two-level certification infrastructure with two certification authorities (CAs): the root CA of Carl Zeiss AG and the operational CA for the email gateway.
The root CA is exclusively used to certify other (subordinate) CAs.
The use of the issued certificates is strictly limited to the protection of email communication within the context of Carl Zeiss AG business issues. Any use of the certificates for other purposes is not permitted.
The CA certificates and the current revocation lists are available under the tab Certificates.