|
The new encryption dialog provides control over all input
and output options as well as convenient access to all existing
certificate stores for recipient selection:
Special Features
S/MIME v3 CMS Support
SecretAgent now offers CMS as an alternative to the native .SA5
output format. You may create encrypted, or encrypted and signed,
messages and exchange them with users of other RFC3852-compliant
(S/MIME) applications (e.g., OpenSSL). Encrypted and/or signed message
you receive in Microsoft Outlook Express can now be decrypted/validated
using SecretAgent.
OpenPGP Support
SecretAgent can also create and decrypt OpenPGP files that you may
exchange with users of other OpenPGP-compliant applications. (At this time,
digital signatures are not supported with this file format. If you received
an encrypted and signed OpenPGP file, SecretAgent will decrypt it but ignore
the signature information.)
Auto-Update Functions
SecretAgent for Windows can be configured by PolicyAgent to periodically
poll a specified server for updated (digitally signed) security policies.
This mechanism allows an enterprise to "push out" to their end-users updated
policies (with new trusted root certificates or new CRL distribution points,
say) whenever the situation calls for it. Individual end-user machines need
not be reconfigured individually and the update process is completely user-
transparent.
SecretAgent can also be configured to automatically poll a server for
authenticated software updates.
Enhanced LDAP Support
Our certificate retrieval logic now supports administrator-configurable
static LDAP groups and parametrized LDAP queries. In an enterprise setting,
SecretAgent/Windows can also periodically poll a network server for digitally-
signed software updates and revised security policies.
Importing, exporting, viewing, and distributing certificates
Certificate Explorer simplifies many certificate management functions.
Users can import and export keys in a wide variety of certificates formats.
The latest version even allows you to export your X.509 RSA certificate as
an OpenPGP V4 key that any PGP 6/7/8 user can use to encrypt files.
To view a certificate, simply right click on it and select Properties
in the pop-up context menu.
Certificates stored in folders can be exchanged easily with others on
the network. Just open the certificate folder that contains the certificate(s)
you are looking for and drag those certificates to your own certificate explorer.
Standard Features
E-mail Client Integration
SecretAgent for Windows offers seamless integration with popular email
clients. Plug-ins for Microsoft Exchange, Outlook 98/2000/XP, and Lotus
Notes may be downloaded from the Support page of our website.
SecretAgent also has the ability to send encrypted and/or signed documents
using any Windows e-mail application that provides MAPI support.
Microsoft Office Suite Integration
The SecretAgent integration with Word, Excel and PowerPoint allows you to encrypt
or sign documents from within these Microsoft Office applications. For example, in
Microsoft Word you get a new toolbar that makes it easy to run the following macros:
 encrypts the current document
 signs the document creating a detached .sgn file
 signs the document by
inserting your digital signature into an embedded graphic at the end of the document;
this macro also locks the document against changes
 validates an embedded signature,
displaying the distinguished name of the signer
 removes an embedded signature
and unlocks the document
Automatic File Security
Automatic encryption allows you to transparently protect sensitive files stored on
your PC. Users can specify sets of folders that are automatically encrypted when
SecretAgent exits and automatically decrypted when it starts back up. These events
can be tied to the Windows startup and shutdown processes. (Note:
SpyProof! is a much
more transparent solution —files remain encrypted at all times so there is no wait
for files to be decrypted and re-encrypted.)
Self-Decrypting Archives
SecretAgent 5 allows you to create and send encrypted files to other Windows
users who can decrypt them without needing SecretAgent 5. (Support for UNIX target
platforms may also be available; contact ISC for details.)
Secure Password Generation
An integrated (FIPS 181
-compliant) pronounceable password generator suggests
passwords that can be easily remembered, yet cannot be found via an exhaustive
on-line dictionary-type attack and hence are extremely difficult to guess.
(PKCS#8 "password-based encryption" using TDES is used to protect locally
stored RSA and DSA private key files.)
Hashing
When asked to "inspect" any file (with a filename extension other than
.sa5, .saa, or .sgn), the GUI now computes and displays the SHA-1 and MD5
message digests of that file. Command line builds can provide MD2, MD5, and
SHA-1/256/384/512 message digests for any file.
Hardware Support (PKCS#11 Tokens)
SecretAgent for Windows supports a growing number of smartcards and other
hardware tokens. For more information please see the techinfo page of our website.
|
