Symantec Digital ID not safe?
I work for a government agency which has a lot of e-mail correspondence with other agencies. We were requested to install digital certificates and decided to go with Symantec digital IDs for secure e-mail.
Both signing and encrypting content have worked fine, but now our main counterpart is requesting that we need a better certificate since the Symantec version is not secure.
Since we do not have any expertise in this area ourselves I would like to know if anyone here could respond to our counterparts argument, verify if they are correct or if the reason for the problem could be found somewhere else? The argument is pasted below:
Anyway, I would like to strike your attention on the fact that your current certificate cannot be certified by a known and trusted Certification Authority, which could have severe impact on security.If your certificate becomes invalid for any reason, we won't be in order to know it and we take the risk to send sensitive information through an unsecure channel.Could you please envisage to change this certificate or provide us with another one that could be "certified"