March 21, 2000

Microsoft Outlook® 2000 Service Release 1 (SR-1), which is included in Microsoft Office 2000 SR-1, adds new encryption and security features that support the Secure/Multipurpose Internet Mail Extensions (S/MIME) v3 protocol. S/MIME v3 is an Internet standard that extends S/MIME v2. (Outlook Express and Outlook 98 implemented most S/MIME v2 requirements.)

These new features include support for security labels and signed receipts. They allow you to help protect e-mail communications within your organization and to customize security to your requirements. The new features also adhere to standards so you can share security-enhanced e-mail messages with other organizations. To activate the new features, you add a new value to the Windows® registry.

The updates in Outlook 2000 SR-1 are of special interest to organizations that have internal requirements for S/MIME v3 support. For example, S/MIME v3 is a core requirement of the U.S. Government Medium Assurance Messaging standard.

Note   The new encryption and security features of this release require Microsoft Windows® 2000.

Security features

New security and encryption features in Outlook 2000 SR-1 include the following features:

• You can add a default encryption certificate to the Global Address List, so users within your organization can easily exchange encrypted e-mail messages.
• Security profiles are configured automatically. When you update digital certificates or other security profile information, users do not have to change their settings.
• Users can send security-enhanced receipt requests with messages to verify that the recipients recognize their digital signatures.
• Users can attach custom security labels to messages. Labels are created by each organization and made available to users.
• You can use registry settings to customize controls on security-enhanced messages to match your organization’s security policies.

Toolbox   The Office Resource Kit includes detailed information about these features in the white paper Microsoft Outlook 2000 Service Release 1. This white paper also documents additional registry settings that allow you to customize security. See the Outlook 2000 SR-1 white paper section in the Toolbox and download the file Out2000SR-1.doc. You can find this downloadable file on the Office 2000 Resource Kit Downloads page.

Enabling the new features

Outlook 2000 SR-1 security and encryption features are installed with Office 2000 SR-1. However, before users can see or use the new features, you must add the following subkey to the Windows registry:

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\9.0\Outlook\Security

After you add the Security subkey, add a new value entry named EnableSRFeatures and set its value to 1. (EnableSRFeatures takes the DWORD data type and can be set to either 1 or 0.) Adding the EnableSRFeatures value entry with any non-zero value enables the security features of Outlook 2000 SR-1. If you do not add EnableSRFeatures, or if you set its value to 0, then Outlook 2000 SR-1 maintains the same user interface and feature set of Outlook 2000.

Important   If you install the full Outlook 2000 SR-1 product, the new security features are installed automatically. However, if you apply the Outlook 2000 SR-1 update to an existing Outlook 2000 installation, you need to take an extra step to enable the security features. On the SR-1 CD-ROM, open the Support folder. If your organization uses 128-bit encryption, run Out128.exe. If you use 40-bit encryption, run Out40.exe.

Related links

For more information about upgrading to Office 2000 SR-1, see Deploying Office 2000 Service Release 1 in the Office Resource Kit Journal.

For a detailed discussion of S/MIME and the related protocol OpenPGP, see the article S/MIME and OpenPGP on the Internet Mail Consortium (IMC) Web site.