S/MIME (Secure MIME)

Steven J. Greenwald, Independent Information Security Consultant

A Brief History of MIME

S/MIME Objectives and Threat Environment

Authentication

Message Integrity

Nonrepudiation

Message Privacy

S/MIME Usage

S/MIME Mechanisms

Cryptographic Message Syntax Support

Backward Compatibility

Diffie–Hellman Key Exchange

X.509 Certificates

Multiple Recipients

Creation and Interpretation of S/MIME Messages

Filename Extensions

Enveloped-Only Messages

Signed-Only Messages

Signing and Encrypting

Certificates-Only Message

Enhanced Security Services for S/MIME (RFC 2634)

Triple Wrapping

Signed Receipts

Security Labels

Secure Mailing Lists

Signing Certificates

Security Issues With the Enhancements

Alternatives to S/MIME

Conclusions

Glossary

Cross References

References

S/MIME (secure multipurpose Internet mail extensions) is a versatile standard designed to increase Internet e-mail security by providing authentication, message integrity, message origin nonrepudiation, and confidentiality. S/MIME is widely available because it is implemented in most modern e-mail user applications. Now in its third version, it can be considered fairly mature. S/MIME usually relies on X.509 certificates for key exchange. It assumes a threat environment in which adversaries can read and modify e-mail in transit and senders may wish to repudiate their messages. There are also some optional enhanced security services for S/MIME that provide signed receipts, security labels that can be used for MLS, ...

Get Handbook of Information Security, Volume 1, Key Concepts, Infrastructure, Standards, and Protocols now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.