UW Digital IDs

Introduction

A UW Digital ID enables you to send digitally signed messages. A digital ID, also known as a digital certificate, helps prove your identity and helps prevent message tampering to protect the authenticity of an email message. You also can encrypt messages for greater privacy and associate the certificate with a digital signature for increased security.

Digital IDs DO NOT provide encryption without additional effort by you and the person to whom you are sending messages. Do not confuse "signing" email with "encrypting" email.  Signing is when the personal certificate is attached to the email providing a third-party validation mechanism to the recipient that message actually came from you (or at least from your account). Encryption is when the message is converted into ciphertext using public and private keys and then is sent in a format that cannot be intercepted. There are multiple steps associated with sending encrypted email and even then there should be no expectation of maintaining privacy via email. Email is inherently poor at maintaining privacy. You should consult with Technology Services on more secure ways of sharing information. 

In Outlook, a badge is shown next to your name when the recipient opens the message. This works inside the UWRF email system but does not work with all email systems at other institutions.

Identity Proofing

UW Digital IDs are managed by UW-Madison with local staff at each campus that maintains the security of the certificates and are legally authorized to "proof" (verify) your identity on their behalf. Identity proofing is where authorized Technology Services staff meet with you face to face (either in person or via video conferencing) to compare you to your request to your identity documents to "prove" you are the person the digital identity instrument says you are. This is a one-time process.

Requesting a UW-Digital ID

  1. Follow the steps outlined in the Requesting a Digital Certificate UW-Madison knowledge base article.
  2. Fill out the request form and verify your email according to the instructions sent to you.
    • After completing step 2, you receive an email that says you should contact certain individuals in Technology Services to do the next step. You do NOT have to do this. Once you complete the form, your request is forwarded to our ticketing system.
  3. DoTS reaches out to you to schedule an appointment to verify your identity. Please bring two forms of identification. The list of accepted forms of ID can be found here: UW-Digital ID - Customer Credentialing
  4. Once your identity is verified, you will receive an email with a link to download your certificate according to the instructions found here: UW-Digital ID - Download your Certificate

NOTE: This certificate expires 3 years following the issuance date. When the certificate is first downloaded and trusted, there will be an expiration date listed alongside the certificate within the certificate list. This should be seen during step 3 of "Installation and Configuration" below.  After 3 years, you may experience a pop-up notification stating the certificate is no longer valid. Follow the steps listed above to get a new certificate.

Installation and Configuration

  1. Install the certificate in your personal store according to the instructions found in the UW-System knowledge base
  2. After installing the certificate, follow the instructions found here. (After configuring your Outlook client, your email messages will appear with "Signed by: <your email address>.")
  3. Follow the steps outlined in the Configure Adobe Acrobat - UW Digital ID article to configure Adobe Acrobat to use your Digital ID to sign documents.

Details

Article ID: 7151
Created
Wed 6/24/15 2:35 PM
Modified
Wed 7/22/20 9:25 AM