S/MIME

From Free net encyclopedia

S/MIME (Secure / Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of e-mail encapsulated in MIME.

History

S/MIME was originally developed by RSA Data Security Inc. The original specification used the recently developed IETF MIME specification with the de facto industry standard PCKS #7 secure message format.

Change control to S/MIME has since been vested in the IETF and the specification is now layered on Cryptographic Message Syntax, an IETF specification that is identical in most respects with PKCS #7.

Function

S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures) and privacy and data security (using encryption). S/MIME specifies the application/pkcs7-mime (smime-type "enveloped-data") type for data enveloping (encrypting): the whole (prepared) MIME entity to be enveloped is encrypted and packed into an object which subsequently is inserted into an application/pkcs7-mime MIME entity.

S/MIME functionality is built into the vast majority of modern e-mail software and interoperates between all of the following (and others):

• Outlook (since 1999? and Outlook 98)
• Outlook Express (since 1999?)
• Apple Mail (Since Mac OS X v10.3 Panther)
• Mozilla Mail (all releases after 0.9.7)
• Mozilla Thunderbird (all releases)
• Netscape Communicator (4.x)
• Lotus Notes (since release 5.0)
• Novell GroupWise (since 1998 with the 5.5 release)
• Qualcomm Eudora (since release 7.0. However 7.0 implementation of S/MIME is very deficient.)
• The Bat!
• Mutt (since release 1.5.5i)
• Gnus (with an external extension)
• Novell Evolution (since release 2.0.0)
• Balsa (since release 2.2.6)
• KMail (since release 1.6, integrated in KDE 3.2)
• Sun Java Messaging (in the Web-based client)
• GMail (using Firefox with the Gmail S/MIME extension)

See also

• MIME Multipupose Internet Mail Extensions
• TLS Transport Layer Security, formerly SSL
• E-mail authentication
• PGP Pretty Good Privacy

External links

• S/MIME working group charter — has links to S/MIME related RFCs and internet drafts.
• How to forge an S/MIME signature — critique on some S/MIME implementations.
• S/MIME IETF Working Group
• S/MIME and OpenPGP
• E-mail Client Testing for S/MIME Compliance

Free certificates

• Thawte
• Comodo
• VeriSign
• CAcert (not yet in most clients[1], but offers free server certs also)
• GlobalTrust (lifetime free certficate)
• VeriSign's Public Directory (ldap://directory.verisign.com)fi:S/MIME