Encrypted Email
Overview
This page describes how to send encrypted external email using Lotus Notes. Peer-to-peer exchanges within DDC-I are automatically encrypted within the Lotus Notes server.
There is another how-to in Lotus Notes that has pictures. When prompted, respond with your Notes user name and password.
The First Time
Before you can send encrypted email you must establish a trust relationship.
Compose an email to the recipient to whom you wish to send encrypted email. Before sending, select Delivery Options... and check the box next to Sign.
Send the email. Ask the recipient to respond and sign their response. Here is a suggested message:
Before we can exchange sensitive information, we need to establish a way to encrypt the data. This email message is "signed". Please import my certificate into your email system and then respond to this message with a signed message. Once I get your response, we can start encrypting our communication.
Sending a "signed" message tells Lotus to send your certificate to them. When they get the message, they need to import your certificate into their email system. They should know how to do that.
When you get their response do either:
- Delete the contact you have for them. Obviously you'll want to keep track of the information you have stored for them other than their email. Open the message. In the toolbar above the message there should be a drop down menu More. Select that and then Add sender to Address Book.
or
- Open the message. In the toolbar above the message there should be a drop down menu More. Select that and then Add sender to Address Book. Make sure you put the same contact name in so that it merges with the contact you already have for them. If you get this wrong, life gets complicated. You are on your own.
You can confirm the certificate was added by going to Open/Contacts and opening the contact information for the party in question. In the preview pane there are tabs for Comments, Name Information, and Certificates. There should be an Internet Certificate: line saying Present.
Now Reply to the message, select Delivery Options... and check the box next to Encrypt. If the email is sent, then you were successful. If Lotus tells you it will send unencrypted, then you failed. You are on your own.
Updating a Certificate
Certificates expire periodically, e.g., yearly. When the certificate of someone you interact with expires, you won't be able to send or receive encrypted email until you update the certificate for them. Have them send you a signed email, and when you get it, you can do either:
- In the More dropdown menu, select Add sender to Address Book. If that results in a dialog box that says This entry is already in My Contacts, then just select Replace contact information, verify the updated contact info doesn't screw anything up (usually the name information is mangled), and select OK. If not, go to step 2.
Sending Encrypted Email
Once you've established a trust relationship, sending encrypted email is easy.
Compose a message, select Delivery Options... and check the box next to Encrypt.