Office 365 - Support for Message Encryption and UW-Madison's Digital ID Service

What is a Digital ID?
A Digital ID is an official way of validating who is who on the Internet. It enables you to verify that the email and documents you send and receive are from the real authors.

What is S/MIME?
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data.

What is Office Message Encryption (OME)?
OME combines email encryption and rights management capabilities. Email message encryption helps ensure that only intended recipients can view message content.

Q. What are the uses for Digital ID and Office Message Encryption (OME)?

A digital ID:
  • Helps others know that you are who you say you are
  • Stops anyone from using your account
  • Can prevent snoopers from reading messages in transit
  • Protects your computer in case it is stolen

OME allows you to:
  • Tag a message to indicate whether or not it can be forwarded, or mark it as confidential or as confidential view only

Both of these features can be used simultaneously within Outlook desktop clients.

Q. Does Office 365, when used with a desktop client (Outlook), support S/MIME email signing and encryption with UW System's Public Key Infrastructure (UW Digital ID)?

A. Yes. Email signing and encryption with Office 365 has been evaluated by the UW Digital ID Team. S/MIME signing and encryption will continue to function in the same way it does currently for desktop clients such as Outlook and others. These clients will manage UW Digital IDs (X.509 certificates) in the same manner they do today.

What does this mean?

  • You can read, reply, or forward digitally signed email.
  • You can create digitally signed email.
  • You can read and create S/MIME encrypted email.

Q. Does the Office 365 web interface (Outlook on the web) support S/MIME email signatures with UW System's Public Key Infrastructure (UW Digital ID)?

A. No, Office 365 Outlook on the web does not support this capability.

What does this mean?

  • You can read, reply, or forward digitally signed email (if you click the blue "click here" link or open (double-click) the message in a separate window).
  • You cannot create digitally signed email.
  • You cannot create S/MIME encrypted email.
  • Actions and symbols on the message ribbon are affected if the message contains a digital signature.
    • For example, if a message contains a digital signature, the reply icon will be replaced by the digital certificate icon.
    • Microsoft confirmed that this behavior is functioning as designed. If you would like this behavior modified, please provide your feedback.
  • In Conversation view or the Preview pane you may not be able to read, reply to, or forward digitally signed email messages depending on which version of Outlook on the web your account is on.
    • You will see a red gum ball indicator with the message: "S/MIME isn't supported in this view. To view this message in a new window, click here."
    • Reply, Reply All, Forward links will be unavailable or grayed out. Attachments will also be unavailable.
      • Microsoft is aware of this behavior and has stated that this is by design.
      • The UW-Madison Office 365 team has requested that this behavior be changed. Microsoft has received our feedback and will assess the need to make this change in a future version.
  • Note: If you need to use S/MIME email signing or encryption, we recommend you use a desktop email application such as Outlook. View Microsoft documentation for further details.

Doc ID: 32952
Owner: O365 S.
Group: Office 365
Created: 2013-08-22 12:52 CST
Updated: 2021-01-25 06:21 CST
Sites:DoIT Help Desk, DoIT Tech Store, Identity and Access Management, Office 365