End-to-end-encryption
TOPKI | End-to-end encryption | Windows PKI
Sending a secure email using end-to-end encryption (e2ee) is possible today for every user with standard applications like Outlook but also with smartphones like the iPhone or several Android devices. By this a seamless end to end encryption is possible where the originator may perform mail encryption directly on his endpoint device. Only the intended recipient may decrypt and read the encrypted mail on his device. Eavesdropping of a message with end to end encryption is even not possible for intelligence agencies. At the same time a cryptographic email signature provided by the originator can prove the origin and authenticity of the message. The S/MIME encryption being used is supported natively by all popular email applications with a built-in S/MIME client without the need for additional encryption software. You do not need so called secure email gateways for a central email encryption service any more. Quite the contrary, using them would undermine the end to end encryption at the expense of security because e-mails are decrypted and re-encrypted here on their route.
In order to provide a really global end to end security with ordinary partners some fundamental tasks have to be done:
You have to use recognized certificates from a globally trusted root CA Certificate issuance and management must be done mostly automatically Easy email encryption to external partners must be possible A user may encrypt, decrypt or sign data on all of his devices
The Secardeo solution “TOPKI” (Trusted Open PKI) fulfills all the required tasks for seamless end to end encryption (e2ee) for a user. In order to perform iOS or Outlook email encryption, the required private keys and certificates are being distributed automatically to the user’s devices. With it he can also read S/MIME encrypted emails on all of his devices. Using TOPKI, a user does not have to care about how to encrypt emails on the endpoint device. Your advantages are:
use of globally accepted email certificates uninterrupted end to end encryption of emails Secure email with standard desktop clients like Outlook, Thunderbird, Notes, Acrobat encryption with your mobile devices like iPhone, iPad, Samsung Galaxy without additional encryption apps Completely transparent to your users Automatic certificate registration, issuing and renewal Automatic provisioning of partner S/MIME certificates at your client secure archival of private keys within your organizationWhitepapers:
Trusted Open PKI – „TOPKI“
Video:
TOPKI introduction
Office 365 OME or S/MIME - Handout
PKI Automation - Handout
User storys:
Dräger user story 
User story certificate distribution
User story TOPKI
User story certBox