[Mac_crypto] About AIM Personal Certificates

R. A. Hettinga mac_crypto@vmeng.com
Sun, 8 Jun 2003 17:46:43 -0400


Encrypted Instant

AIM users can now send and receive messages, participate in
chats and send files using industry-standard digital encryption using AIM
(version 5.2.3211 or higher, Windows operating systems). 

Messages sent
between AIM users with security credentials are digitally signed and
encrypted and remain encrypted during message transmission. Referred to as
"end-to-end encryption", AIM encryption goes beyond basic Secure Socket
Layers (SSL) encryption - which is commonly used for encrypting messages
between a user's browser and a server's web site. 

Enterprise AIM Services

Our new Enterprise AIM Services offering provides businesses the services
and tools needed to manage AIM communications, ensure security and maintain
consistent user identities across e-mail and instant messaging.   This

AIM: Desktop communications tool with access to over 190
million registered members 

AIM Enterprise Gateway: Enhances security,
management and control for IT professionals 

AIM Private Domain Services:
Maintains consistent user identities across corporate communication tools

AIM Federated Authentication services: Authenticates users to the AOL
Network from your Corporate Directory 

AIM Security Credentials: Digital
certificates to guarantee identity of users and enable encryption exchanges
between security-enabled clients 

Advantages of Digital Certificates over
SSL for encryption 

Although SSL is widely used,  it does not provide the
best security over a Public Instant Messaging network. This is because SSL
decrypts the message package at the server interrupting encryption and
relaying an unencrypted message over the Public Instant Messaging server
network. The end-to-end encryption featured in AIM, is superior to SSL
because message content remains encrypted  during the entire message
transmission.  After the recipient's identity is verified via the
corresponding certificate, the message is  decrypted successfully
accomplishing a secure end-to-end encryption. 

More on Personal

Security credentials that enable these capabilities -
Personal Digital Certificates - are an optional service available to
enterprises as part of the Enterprise AIM Services offering. Personal
Digital Certificates are electronic files that: 
Guarantee (or
authenticate) the personal identity of the AIM member 
Encrypt data to
ensure that message exchanges are protected against theft or tampering

AIM users can send and receive both encrypted and standard AIM messages.
Messages exchanged with users that have security credentials are encrypted
and messages with standard AIM users are not encrypted. 

How Personal
Digital Certificates Work 

Personal Digital Certificates are based on
Public Key Infrastructure (PKI) technology. PKI technology uses a  Public
Key and Private Key to identify you and encrypt messages.  No two keys are
ever identical, which is why a key can be used to identify its owner.  Each
key is like a unique encryption device. What a public key encrypts, only
the corresponding private key can decrypt, and vice versa. 

The Personal
Digital Certificates used by AIM allow you to identify yourself and to
encrypt and decrypt messages between AIM users with  Personal Digital
Certificates. When Digital Certificates are present, a message is digitally
encrypted and signed by the senders Private Key then sent to the recipient.
When the recipient receives the message the senders Public Key and Private
Key must successfully correspond prior to decrypting the message. What a
Private Key encrypts, only the corresponding Public Key can decrypt, and
vice versa. With AIM all of these sophisticated checks are performed
without noticeable delays in speed of message exchange. 

Advantages of
Digital Certificates over SSL for encryption 

More on Personal

How Personal Digital Certificates Work 

Sales Inquiry


Knowledge Base 

R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'