.svg){kind=small}
New Zealand Government TaaS SEEMail
What is TaaS SEEMail?
TaaS makes it easier for government agencies to easily and securely connect with each other and their customers. TaaS SEEMail is a New Zealand Government Solution that ensures secure emails between participating Public Sector organisations. It is an encryption and security service under control by the Department of Internal Affairs (DIA).
The new SEEMail service is being established under the TaaS framework due the old contract vehicle expiring.
Three Components of SEEMail
SEEMail Authentication, Key Generation and certificate directory capabilities (Managed by Cogito Group)
SEEMail Gateway (Managed internally in your agency or other third-party Gateway provider such as Liverton or SSS)
SMARTS Testing (Managing by Liverton)
Cogito Group's Role
Cogito Group, in partnership with Taa5, has built and will operate the new TaaS based SEEMail PKI service. This includes a Certification Authority, Registration Authority and a Directory service.
Cogito Group currently provide the All of Government Authentication as a Service solution to a number of agencies for Taas. We specialise in data protection, authentication and encryption solutions.
Cogito's role is the certificate registration, generation and storage components only. The certificates will be used to ensure protection of data between agency gateways.
Unless you choose to change providers, there are no changes to who operates your SEEMail Gateway. You can continue to use your SEEMail Gateway Services provider for the Gateway itself. Cogito are only replacing the certificate component, that is, who you get the certificate off and where other agency certificates reside.
Cogito Group will not hold or see any of your SEEMail data. Cogito Group is not responsible for approval, release and blocking of emails. This remains the responsibility of the department or organisation that manages your gateway.
There will be three changes involved:
SEEMail Certificate Changes
1.
You will need to access a new portal for a certificate and that will mean that the appropriate person(s) will need an account to access this system.
2.
You will need to make a small update to the Certificate Authority (CA) certificate trust points. This update will involve adding one trust point and changing to where you point to. This will enable you to get trusted certificates for other agencies. If you have a SEEMail Gateway vendor managing this Gateway, you would likely be able to have them do this work for you.
3.
You will need to point to a new directory (LDAP) for accessing certificates from other agencies. If you have a SEEMail Gateway vendor managing this Gateway, you would likely be able to have them do this work for you.
Certificate Signing Requests
A Certificate Signing Request (CSR) is what is required to allow for the creation of a digital certificate. Typically, as part of creating a CSR you also generate the key pair that will be used, being the private and public key. The private key (where possible) should be generated and remain on the device that it was generated for. The public key must be generated with the private key (as they are mathematically related) and is inserted into the CSR. It is not necessary to protect the public key and in fact it is important that this be known by parties wishing to use the keys for electronic transactions.
CSR Generation Approaches
Frequently Asked Questions
What is it and what is involved in training assistance?
SEEMail is secure encrypted email which secures email traffic between participating agencies within the New Zealand Public Sector.
Cogito can provide training and/or professional services to assist your organisation to consume the certificate services or provide advice on how certificates work including in the portal. We are putting this in the Subscription Agreement as an Optional Allowance and your agency will only be invoiced if you seek training or professional services from Cogito outside of the enablement of provisioning the service to your first two staff members (with those first two able to enable others). If you do not consume any professional services or training materials, you will not be charged.
If we choose to, what’s the timeframe for terminating the contract?
The Subscription Agreement is a month-to-month payment contract, therefore the timeframe of the termination of the contract is one month’s notice.