PKI Tutorials - Herong's Tutorial Examples - v2.20, by Dr. Herong Yang
What Is S/MIME
This section describes what is S/MIME (Secure/Multipurpose Internet Mail Extensions) - Using PKI to secure MIME data by public key signing and encryption.
What Is S/MIME (Secure/Multipurpose Internet Mail Extensions)? S/MIME is a standard to secure MIME data with public key signing and encryption. S/MIME was originally developed by RSA Data Security Inc. as PKCS#7 (Public-Key Cryptography Standards #7). The latest specification of S/MIME is RFC 5751: "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 - Message Specification"
Here is the introduction of S/MIME provided in RFC 5751:
S/MIME (Secure/Multipurpose Internet Mail Extensions) provides a consistent way to send and receive secure MIME data. Based on the popular Internet MIME standard, S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures), and data confidentiality (using encryption). As a supplementary service, S/MIME provides for message compression.
S/MIME can be used by traditional mail user agents (MUAs) to add cryptographic security services to mail that is sent, and to interpret cryptographic security services in mail that is received. However, S/MIME is not restricted to mail; it can be used with any transport mechanism that transports MIME data, such as HTTP or SIP. As such, S/MIME takes advantage of the object-based features of MIME and allows secure messages to be exchanged in mixed-transport systems.
Further, S/MIME can be used in automated message transfer agents that use cryptographic security services that do not require any human intervention, such as the signing of software-generated documents and the encryption of FAX messages sent over the Internet.
As you can see in the introduction, S/MIME uses PKI to secure emails in two areas:
Table of Contents