Office 365 - Support for Message Encryption and UW-Madison's Digital ID Service
- What is a Digital ID?
- A Digital ID is an official way of validating who is who on the Internet. It enables you to verify that the email and documents you send and receive are from the real authors.
- What is S/MIME?
- S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data.
- What is Office Message Encryption (OME)?
- OME combines email encryption and rights management capabilities. Email message encryption helps ensure that only intended recipients can view message content.
Q. What are the uses for Digital ID and Office Message Encryption (OME)?
- A digital ID
- Helps others know that you are who you say you are
Stops anyone from using your account
Can prevent snoopers from reading messages in transit
Protects your computer in case it is stolen
- OME allows you to
- Tag a message if it can be forwarded or not, set as confidential, or set as confidential view only
Both these features can be used simultaneously within Outlook desktop clients.
Q. Does Office 365 using a desktop client (Outlook) support S/MIME email signing and encryption with UW System's Public Key Infrastructure (UW Digital ID)?
A. Yes. Email signing and encryption with Office 365 has been evaluated by the UW Digital ID Team. S/MIME signing and encryption will continue to function in the same way it does currently for desktop clients such as Outlook and others. These clients will manage UW Digital ID (X.509 certificates) in the same manner they do today.
What does this mean?
- You can read, reply, or forward digitally signed email.
- You can create digitally signed email.
- You can read and create S/MIME encrypted email.
Q. Does the Office 365 web interface (Outlook on the web) support S/MIME email signatures with UW System's Public Key Infrastructure (UW Digital ID)?
A. No, Office 365 Outlook on the web does not support this capability.
What does this mean?
- You can read, reply, or forward digitally signed email (if you click the blue "click here" link or open (double-click) the message in a separate window).
- You cannot create digitally signed email.
- You cannot create S/MIME encrypted email.
- Actions/symbols on message ribbon affected if message contains digital signature.
- For example, if a message contains a digital signature, the reply icon will be replaced by the digital certificate icon.
- Microsoft confirmed that this behavior is functioning as designed. If you would like this behavior modified, please provide your feedback.
- In Conversation view or the Preview pane you may not be able to read, reply to, or forward digitally signed email messages depending on which version of Outlook on the web your account is on.
- You will see a red gum ball indicator with message: "S/MIME isn't supported in this view. To view this message in a new window, click here."
- Reply, Reply All, Forward links will be unavailable or grayed out. Attachments will also be unavailable.
- Microsoft is aware of this behavior and has stated that this is by design.
- The UW-Madison Office 365 team has requested that this behavior be changed. Microsoft has received our feedback and will assess the need to make this change in a future version.
Note: If you need to use S/MIME email signing or encryption, we recommend you use a desktop email application such as Outlook. View Microsoft documentation for further details.