End-to-end encrypted emails
Secure and encrypted emails
Security and data protection are critical to us. Therefore, we offer the possibility of end-to-end encryption for email communication. The email is encrypted on the sender’s system, and only the intended recipient can decrypt the message. No one in between can read or manipulate the content of the message. End-to-end encryption can be combined with a digital signature. A digitally signed and encrypted email guarantees that the email comes from the specified sender.
We support S/MIME and PGP for encrypted email communication. Both methods are based on so-called public and private keys that both communication partners have. he sender encrypts the message with the recipient’s public key, who can only decrypt the message again with his private key.
How to get our public keys
To send us encrypted messages, you need our public keys. Each talessio employee and specific generic email addresses have their keys to enable secure communication.
On the one hand, our public S/MIME keys are available in public key directories such as OpenKeys or the Global Trust Point. You will also receive them when we send you signed messages. In addition, you can download them per communication partner from our website. For example, if you would like to obtain the public key for [email protected], you can find it at
https://keys.talessio.com/smime/[email protected]
All our S/MIME keys have been issued by SwissSign AG as SwissSign Personal Gold CA 2014 – G22 keys. The corresponding root certificate is included in nearly all operating systems automatically, but can also be downloaded directly from SwissSign or using the following links:
SwissSign Compatibility Information: https://www.swisssign.com/en/support/kompatibilitaet.html
SwissSign Root Certificates: https://www.swisssign.com/support/ca-prod.html
Our public PGP keys can also be retrieved from public key directories such as OpenPGP. We also operate our own Web Key Directory (WKD), which can be used to automatically obtain the keys directly from your email program. You can also download the keys for each communication partner from our website. For example, if you would like to obtain the public key for [email protected], you can find it at
How to provide us your public keys
In order to encrypt emails that we send to you, we need your public key in advance.
If you send us an unencrypted but signed email, your key is automatically stored on our server and can be used for encryption in the future. Alternatively, you can also send us your public keys by email to [email protected] as a file. In addition, our email server will attempt to query public directories to automatically determine your keys.
If your company has a domain certificate, please also send it to us by email to [email protected] so that we can set it up and use it in the future.
Details of our TLS encryption
Where S/MIME or PGP are not used or cannot be used, we support encryption via TLS 1.2.