Secure data transfer with menten certificate

Thank you very much for your interest in safe communication via internet. As we share your demand for the highest possible degree of safety in data communication, we provide you our security certificate (public key). By using this certificate, your communication with our company is protected by 1024-bit-encryption and prevented from illegitimate access of third parties.

Important note: New certificate as from June 2008

If you are already using the menten certificate and its' root certificates from Deutsche Telekom and CyberTrust, please delete these certificates completely from your certificate manager and use the current certificates (from Deutsche Telekom and GlobalSign) provided for download further down instead!

What do I need the menten certificate for?

Due to the menten certificate (public key) you can verify received e-mails from our company. Moreover, you are able to encrypt e-mails to menten yourself (e.g. in testing periods of communication via as2 with i-effect^®).

The menten certificate is based upon the root certificate of Deutsche Telekom, which in turn is built upon the root certificate of GlobalSign and the root certificate for partners of GlobalSign. You can achieve the highest degree of trustability and the best protection for your e-mail communication by not only using a certificate (like the menten certificate), but by applying the root certificates on which the certificate is based in addition. That's why you should not hesitate to download the root certificates of Deutsche Telekom and GlobalSign as well:

• download menten's certificate now
• download the rootcertificate of Deutsche Telekom now
• download the rootcertificate of GlobalSign now
• download the rootcertificate for partners of GlobalSign now

For advise how to use all the downloaded certificates in your e-mail-correspondency, please see the article "How do I apply the menten certificate" below.

How does the menten certificate and encryption
as such actually work?

Encryption is the process of changing a readable and logic text into a cryptic one by using certain encryption algorythms with one or more keys:

Symmetric key encryption with only one key assumes that both communication partners are in possession of the same key and must have exchanged this key in a safe way before starting to communicate.

Public key encryption features of the usage of a pair of keys for each participant of a communication. One key of each key pair is publicated (the public key which is used for sending an encrypted message to the owner of the key pair), the other key is kept secret (the private key which serves the recipient of an encrypted message for decryption). This system is called asynchronous because each key of a key pair can only be used for encryption or decryption.

menten uses public key encryption with the asynchronous system and provides its' public key on this website. You may use it to send encrypted e-mails to menten. menten is able to decrypt your encrypted e-mails with the counterpart of the public key, the private key. Thus it is guaranteed that only menten as legitimate recipient and owner of the compatible private key can read your dispatched e-mail. In addition, menten can rely upon the fact, that only communication partners in possession of the public key can send its' encrypted e-mails.

How do I apply the menten certificate?

You have downloaded the menten certificate, now you want to use it! For this purpose, the certificate has to be stored in your own keystore (you may es well use the keystore manager which is automatically installed with i-effect^®).

E-mail-Clients such as Outlook or Thunderbird are offering you a manager to administrate your certificates. With the certificate manager you can collect the keys of your communication partners and set up profiles. For the setting up of these profiles, please ask your data protection officer or the system operator of your company for help.

If you are setting up the profiles yourself, please note: If you are only applying the menten certificate and resign to use the root certificate of Deutsche Telekom, the rootcertificate of GlobalSign and the rootcertificate for partners of GlobalSign in addition, your e-mail-client will draw to your attention that the menten certificate cannot be definitely assigned. Please take our advise and add all the required certificates which the menten certificate is based upon to your certificate manager. Otherwise, please confirm to your certificate manager that the menten certificate should be accepted anyway.

Prior to dispatch of a new e-mail, you can chose from your options wether a message should be encrypted or not. On demand, your certificate manager will offer you a list of all available keys.

Where can I get a certified key myself?

Only certified keys guarantee the authentification and verification of communication partners. A certified key disposes of a digital certificate which contains the key(s) and further information for authentification as well as encryption and decryption of sensible data that is transferred via internet. This key can definitely be connected with a certain person or organization.

You may apply for your own digital certificate at a certificate authority, e.g. at http://www.cybertrust.com.