An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

My Coast Guard
Commentary | Feb. 13, 2023

Coming soon: All Coast Guard emails must have a digital signature

By Lt. Jacob Duda, Coast Guard Cyber Command

Over the next few weeks Coast Guard users will notice that all outgoing email messages will have digital signatures enabled by default. You can see this by navigating to the “Options” menu while composing an email and looking at the “Sign” option.  

The option to remove the digital signature will not be available. This change will not impact Outlook Webmail or Mobility devices. 

How to digitally sign your email graphic

What is a Digital signature?  

A digital signature is a type of electronic signature – a mathematical algorithm, actually – that guarantees the integrity of a message. It’s basically proof that you (the sender) are who you say you are. It also confirms that you created the information in the message and that it hasn’t been altered.   

If you are experiencing issues with digital signatures, please refer to the following guide

Why do I need a digital signature on my messages? 

The Department of Defense now requires that all outgoing messages have digital signature enabled by default. Since Coast Guard networks are within the boundaries of the Department of Defense Information Network (DoDIN), we are required to follow DoD cybersecurity measures.  

In addition, Coast Guard cybersecurity policy mandates a digital signature on all emails sent to recipients external of the .mil, .dhs, .gov domains and any email with sensitive data sent within these domains.  This is an important cybersecurity measure that protects Coast Guard information and guarantees the integrity of the message. 

How does a digital signature work?  

When you send an email, a hash (called a message digest) is created of the message and encrypted using the sender’s private key. Upon receipt, the recipient creates a hash of the message and then uses the senders public key to decrypt the message digest and the client compares the two hashes. This confirms both the authenticity of the sender and the integrity of the message.   

You can find out more about digital signatures from the Cybersecurity & Infrastructure Security Agency (CISA) here.  

Resources: 

In the news: