Personal Communications provides session security using Microsoft CryptoAPI (MSCAPI). This enables the use of the Transport Layer Security (TLS) security protocols.
The configuration information in this chapter usually applies to TLS. See Using Transport Layer Security for more information.
You can display information about the security aspects of your session by clicking Communication → Security Information from the session menu bar. This provides details about the certificates exchanged during TLS negotiations between client and server.
The digital signature of the certificate authority (CA) is authenticated using a published root certificate of the issuing CA. The client automatically decrypts certain information on the presented certificate using a public key on the CA's root certificate. This step is successful only when the presented certificate was encrypted using a well-guarded, unique, and corresponding private key, known only to the CA. This process can detect (and reject) intentional alterations (forgeries) and the rare garbling that can occur over data circuits. Personal Communications also allows users to use self-signed certificates for this purpose.
Certificates are verified by checking the certificate format and the validity dates, and by verifying that the certificate includes the signature of a trusted certificate authority (or is self-signed).
When a secure connection is established, a padlock icon is displayed in the Personal Communications status bar. Depending on the level of encryption, the icon is accompanied by a number (0, 40, 56, 128, 168, 256). If the session is not TLS-based, the icon shows as unlocked.