Let us briefly describe the Cryptigo E2K3 test environment:
There is a company that exchanges electronic mail with its business partners. Unfortunately, some of the partners were obliged to encrypt all their electronic mail. As a result, our company was forced to start encrypting email to some of its partners. To cut costs, the company decided to outsource as many services as possible. They did not install any PKI-related services or machines, purchased their certificates from a well-known commercial CA and ordered their Exchange administrator to learn about S/MIME and PKI: "it can't be that complicated, you'll surely love it".
An analogous situation can arise in large companies that implement PKI and secure email one division at a time. The divisions that have not yet adopted PKI and secure email are forced to handle incoming encrypted email, or have to use encryption on some workstations only.
The mail client most often used in the company is OWA 2000, but Outlook 2003 is popular as well. Not all the users who receive encrypted mail expect it: the CA has published their certificates in its LDAP directory, so they are publicly available to anyone who wishes to encrypt email to them.
The following (virtual) users were employed in our tests:
Alice, who uses Outlook to receive and send her professional mail; Bob, a roaming user who uses OWA; Dave, who is a secure email guru (he is not an employee of the company, but he is sometimes asked to help with various secure email related problems); and finally the Administrator, who has no knowledge of or experience with encryption, certificates or PKI. In contrast to Alice, Bob and Dave, the Administrator is a real-life person, cooperating with the test team.