HP MFP Digital Sending Software 5.0 - Readme file information
6
Enhancements for Version 5.01.51
Enhancements
1. DSS is now able to provide 3DES or AES-128 encryption for encrypted email sent via DSS. Before
the only choice was AES-256 encryption. The DSS server is configured to provide one type of
encryption or the other. It is not possible to set the encryption algorithm on a per device basis.
AES-256 encryption is on by default. To configure the server to use 3DES or AES-128 encryption
follow these steps:
a. Edit the following xml file: ..\Program Files (x86)\Hewlett-Packard\HP Digital Sending
Software\FileSystems\Product\Dss\Configuration\HP.Mfp.Pja.Resources.Email.Config
b. In the <EmailSettings> section of the file add the following line for 3DES encryption. For
AES-128 encryption replace the string “3DES” with “AES128”:
<EmailDataEncryptionAlgorithm>3DES</EmailDataEncryptionAlgorithm>
As shown in the example below
<EmailSettings>
<BlockUnauthenticatedEmails>false</BlockUnauthenticatedEmails>
.
.
.
<HeaderEncoding></HeaderEncoding>
<SubjectEncoding></SubjectEncoding>
<BodyEncoding></BodyEncoding>
<BodyTransferEncoding></BodyTransferEncoding>
<EmailDataEncryptionAlgorithm>3DES</EmailDataEncryptionAlgorithm>
</EmailSettings>
c) Save the file and Restart the DSS service
d) If the new <EmailDataEncryptionAlgorithm> element is not present or is empty the
system will use AES-256 encryption.
2. When sending encrypted email using AES encryption DSS uses certain default values for the
“SubjectIdentifier” and “Key Encryption Algorithm” fields in the email header. Some
environments may require different values to be used to function properly.
o By default the values are:
SubjectIdentifier = “IssuerAndSerialNumber”
Key Encryption Algorithm = “RSAES-OAEP”
o The system can be configured to use the following values:
SubjectIdentifier = “SubjectKeyIdentifier”
Key Encryption Algorithm = rsaEncryption