FAQ TU Wien Secure E-Mail Gateway

General questions:

We recommend the use of the TU Wien Secure E-Mail Gateway, opens an external URL in a new window (gateway-based mail encryption) for the secure communication of sensitive information outside the upTUdate service. This allows emails to communication partners outside of upTUdate to be signed and encrypted.

With client-based email encryption, users must apply for the required local S/MIME certificate themselves, download it and install it in all email clients used on desktops, laptops, tablets, etc.

If you want to use local certificates; please note that local certificates lose their validity after 2 years. After 2 years at the latest, you must therefore apply for a new certificate via the web portal and install it on all instances (desktop, laptop, tablet, etc.) in addition to the existing certificate. You have to take care of the safekeeping of the certificates and the corresponding passwords yourself. If certificates are no longer available, access to encrypted emails is no longer possible. More information about client-based mail encryption.

The signing and, if desired, the encryption of emails is done on the TU Wien Secure E-Mail Gateway.

After activation, the TU Wien Secure E-Mail Gateway automatically provides certificates for users and manages and renews them if necessary. When sending emails to recipients outside of upTUdate, the emails are automatically signed. By inserting the keyword "#enc" or "encrypt" at the beginning of the subject, the encryption of an email can be enforced.

It is still possible to use client-based email encryption with local certificates. Due to the complex handling of local certificates, we recommend using the TU Wien Secure E-Mail Gateway (gateway-based email encryption).

If you want to use local certificates, please note that the local certificates lose their validity after 2 years. After 2 years at the latest, you must apply for a new certificate via the web portal and install it on all instances (desktop, laptop, tablet...) in addition to the existing certificate. You have to take care of the safekeeping of the certificates and the corresponding passwords yourself. If certificates are no longer available, access to encrypted emails is no longer possible. More information about client-based mail encryption.

The TU Wien provides you with two options for secure email transmission.

Option 1: TU Wien Secure E-Mail Gateway.

A necessary update of the certificates is done automatically by the TU Wien Secure E-Mail Gateway (gateway-based email encryption).

Option 2: Client-based email encryption with local S/MIME certificates in every email client.

If you want to use local certificates, please note that local certificates lose their validity after 2 years. After 2 years at the latest, you must apply for a new certificate via the web portal and install it on all instances (desktop, laptop, tablet...) in addition to the existing certificate. You have to take care of the safekeeping of the certificates and the corresponding passwords yourself. If certificates are no longer available, access to encrypted emails is no longer possible. More information about client-based mail encryption.

These emails are delivered immediately and directly. All functions provided by the TU Wien Secure E-Mail Gateway are not active.

The TU Wien Secure E-Mail Gateway removes the local signature, replaces it with the signature of the gateway and forwards the email in encrypted form.

I have activated the TU Wien Secure E-Mail Gateway:

The TU Wien Secure E-Mail Gateway supports upTUdate customers who have activated the TU Wien Secure E-Mail Gateway service by automatically attaching the digital signature to all emails leaving the upTUdate service. Within upTUdate email traffic is neither signed nor encrypted.

Outgoing emails are encrypted, if desired, without the user having to worry about the key management of the recipient.

The encryption mechanism can be triggered by prefixing the #encrypt or #enc commands to the beginning of the subject line.

Unfortunately, this is not easy to determine. If you have activated the TU Wien Secure E-Mail Gateway and want to send sensitive data, please add #enc or #encrypt in the subject line. This ensures that emails leaving the upTUdate infrastructure are encrypted in any case.

The TU Wien Secure E-Mail Gateway only distinguishes between upTUdate internal communication partners and communication partners whose delivery address is not upTUdate internal. If you want to send emails to TU-internal email addresses that cannot be delivered directly in upTUdate, you can force encryption with #enc or #encrypt.

Once your communication partner has sent a signed email to upTUdate, the TU Wien Secure E-Mail Gateway has saved the certificate. This enables the TU Wien Secure E-Mail Gateway to send an encrypted email to these communication partners and they can decrypt and read your email with their certificate.

If your communication partner has never sent a signed email to upTUdate, the TU Wien Secure E-Mail Gateway will not be able to deliver the encrypted email. The email remains stored at the gateway, and the recipient receives an email with the information that an encrypted email is available at the TU Wien Secure E-Mail Gateway. After logging on to the TU Wien Secure E-Mail Gateway, the recipient can read the email with a Web browser.

I have not activated the TU Wien Secure E-Mail Gateway:

Yes, you can still use your local certificate for signing and encryption. The TU Wien Secure E-Mail Gateway will forward your emails unchanged.

If you want to use local certificates, please note that local certificates lose their validity after 2 years. After 2 years at the latest, you must apply for a new certificate via the web portal and install it on all instances (desktop, laptop, tablet...) in addition to the existing certificate. You have to take care of the safekeeping of the certificates and the corresponding passwords yourself. If certificates are no longer available, access to encrypted emails is no longer possible. More information about client-based mail encryption.

Yes, incoming emails that are encrypted or signed with certificates not originating from the TU Wien Secure E-Mail Gateway are forwarded unchanged by the gateway.

Service Center

Logo service center

© TU Wien

 

Ticketsystem Online Portal, opens an external URL in a new window
Hotline 01 588 01 42002
help@it.tuwien.ac.at
1040 Wien, Operngasse 11, EG

The Service Center can be reached digitally from 8 a.m. to 4 p.m.

Safety and Security Measures, opens an external URL in a new window

 

Personal customer contact only by prior appointment, opens an external URL in a new window.

 

Compliance with the currently applicable COVID-19 security regulations is assumed.