Wishing to expand the e-mail services offer to its associates, the Portuguese Bar Association (Ordem dos Advogados – OA) decided to include a Webmail service accessible via its portal (Web site). Unfortunately the Webmail products of that time did not support digital signatures, something essential and required by law for lawyers. OA then asked Cynergi to develop a Webmail system supporting that feature.
The first stage of the project involved recognizing and validating digitally signed messages, which was achieved with the OpenSSL library included in PHP.
The next stage meant sending messages that were digitally signed by lawyers. For security reasons, OA determined that the digital certificates identifying a lawyer be kept in the lawyer identification card and never copied to the PC.
The project was concluded successfully and had many positive reviews, specially due to it ease of use.
The OA lawyer card is a smart card with built-in memory. In order to use it, each lawyer should get an OA-supplied card reader, as well as the respective software.
Amongst other things, this software installs new VBScript objects available to Web pages, which allow a page to perform a user-confirmed digital signature.
Even though in the software used by OA this process is different for messages with and without attachments, Cynergi managed to make the process uniform and hide its complexity from the user. All that the user sees is a checkbox on the "compose new mail" page, which should be checked to sign a message. If the checkbox is checked, the user is asked for confirmation and the message is signed and sent without intermediate pages or other apparatus.