Secure Messaging
We recognise the increasing importance to our clients of protecting and securing emails and are able to offer a number of technologies for secure messaging.
S/MIME encryption
S/MIME is a standard protocol for signing and/or encrypting messages using digital S/MIME certificates (officially known as X.509 certificates).
Freshfields Bruckhaus Deringer user certificates are issued by Comodo security services. Since the Comodo Authority’s certificate is widely distributed and embedded in most email clients, you may not need to take any special action before using certificates that we issue to our employees.
If you do require our root certificate, please download it from here: (X.509 format, DER encoded)
| Certificate name | Algorithm | Thumbprint | Download |
|
AAA Certificate Services
C*O*M*O*D*O |
Sha1RSA |
d1:eb:23:a4:6d:17:d6: 8f:d9:25:64:c2:f1:f1: 60:17:64:d8: e3:49 |
|
|
Certificate Revocation List (CRL) Distribution Point 1 |
http://crl.comodoca.com/UTN-USERFirst-ClientAuthenticationandEmail.crl | ||
|
Certificate Revocation List (CRL) Distribution Point 2 |
http://crl.comodo.net/UTN-USERFirst-ClientAuthenticationandEmail.crl | ||
How to obtain our S/MIME user certificates
To query our X.509 user certificates for S/MIME email encryption, please send a signed message to certquery@freshfields.com and use the email address of the person whose certificate you require as the subject line. Within a few moments you will receive an auto-generated message with the requested user certificate.
Alternatively, if your application supports LDAP certificate directories you may wish to configure your system to point directly to ldap://keys.freshfields.com
PGP encryption
PGP (Pretty Good Privacy) is a popular technology used for signing and/or encrypting messages and involves OpenPGP keys.
Freshfields Bruckhaus Deringer users are assigned OpenPGP keys, you may use the web address http://keys.freshfields.com to search and download these keys.
Alternatively, if your application supports LDAP key servers you may wish to configure your system to point directly to ldap://keys.freshfields.com
TLS encryption
Our mail gateways fully support Transport Layer Security (TLS). This allows gateway to gateway encryption of all email traffic between Freshfields Bruckhaus Deringer and clients that use TLS. Please use the contact form at the bottom of this page if you would like more information about this service.
Further information
If you have any further questions regarding the Freshfields Bruckhaus Deringer secure messaging systems, please complete the below form: