S/mime — I wikipedia
A wikipedia article, free l’encyclopéi.
S/MIME ( Secure/Multipurpose Internet Mail Extensions ) is a standard of cryptography and digital signature of email encapsulated in mime format. It provides integrity, authentication, non-repudiation and data confidentiality.
Mime is an internet standard that offers no notion of security, which is why developers at RSA Security have created S/Mime. Like Mime, S/Mime has the task of checking the contents of the headers inserted at the start of each email. On the other hand, instead of determining what type of application use to open such file, s/mime inspects the headers and determines how digital encryption and signatures should be processed [ first ] .
Norms [ modifier | Modifier and code ]
S/MIME is a standard based on X.509 digital certificates to sign and encrypt emails. X.509 is the standard used to define what a digital certificate is as part of a public key infrastructure (PKI). In this infrastructure, the certification authorities (CA) guarantee that certificates describe the right entity. The certification authority may issue a digital certificate for several reasons, but it must assign the certificate a precise use. The rules that indicate the exact way to use a certificate are called certification policy.
The messages themselves are encrypted using symmetrical cryptography and a public key is used for key exchange and digital signatures. S/mime can be used with different symmetrical algorithms:
- OF THE ( Data Encryption Standard );
- 3des ( Triple of );
- RC2 ( Ron’s Code 2 );
- AES ( Advanced Encryption Standard ).
Example of signature s/mime [ modifier | Modifier and code ]
MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="----D7B623C746311F5D683A038DC482F307" This is an S/MIME signed message ------D7B623C746311F5D683A038DC482F307 Content-Type: text/plain Ceci est le texte d'origine qui est signé. ------D7B623C746311F5D683A038DC482F307 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIGgQYJKoZIhvcNAQcCoIIGcjCCBm4CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3 DQEHAaCCA7wwggO4MIICoKADAgECAgEMMA0GCSqGSIb3DQEBBAUAMIGrMQswCQYD VQQGEwJGUjEPMA0GA1UECBMGRlJBTkNFMQ4wDAYDVQQHEwVQQVJJUzEZMBcGA1UE ChMQVEhFIFNJR05BVFVSRSBDQTEaMBgGA1UECxMRU2lnbmF0dXJlIFNlcnZpY2Ux HDAaBgNVBAMTE1NpZ25hdHVyZSBBdXRob3JpdHkxJjAkBgkqhkiG9w0BCQEWF2F1 dGhvcml0eUBzaWduYXR1cmUub3JnMB4XDTAzMDcxNzE1Mjc0MVoXDTEzMDcxNDE1 Mjc0MVowQTEcMBoGA1UEAxMTTmljb2xhcyBHSUJFUlQgTUlNRTEhMB8GCSqGSIb3 DQEJARYSbmdpYmVydEBreXJpYmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA4etdKeyVBAL9nhlqLyf0Qynrc0PxbdVUS8GR4KXk8otrfOgphO90 CK4lWdpBZTVGkWI4lWDV43dlDUlI25a018qmfPCINg1FGXF+1Dhq+Zt2GCT5FF0r os3Vn97EkM5u7pKHFWcGzMXXGExc/vIO2N0/5f+4tR5LTVvBoJKgmyXPHCRHNo6R wzLuZCWkmsJsi1PlGfbwST2bVkWTpChklVzSHrrtiyKB5Xv3T6ZGB/Cc/yQVmbl2 X67pRFScxUZox5dGMIKwRPL4pTuYmpuCx8SnedS2IfEKgvHlSUPrNKEItPUudWga 5hkDQQEQs7Lr7VhJwBscLpk1MZshJJOhaQIDAQABo1AwTjAdBgNVHREEFjAUgRJu Z2liZXJ0QGt5cmliYS5jb20wDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSGbA6p h5FKdbywujPMeW17sEFuVTANBgkqhkiG9w0BAQQFAAOCAQEASyTJnfbBkpqm33pL l1GiI4NSXn1ZMk2vhLEnetsqyYz/Crt2dKP4nP5PG+fm19inBNCfdiAM2B3ucGOo BPAl4LE1Hl4SgbxLB2DRfsHlxUel1qbJxr4fGxsbfUo45PF47YuVvJSqYOXL5cLd jgspXO/+y+WiUj7HxBmoJ33d/zczSwkuLq8JtFa7/gGQWCdAn+zvh8r7bL8ZXmkQ bZXPb3FQoVffNFtVOIYffT6JKASfbQ6xg5/aRYOBVFnD6WkGdz2WrUF4Azwb9Zg+ F3zzTEHTzQYL4gQ5wfE0iU9IYktqJPUHh8zj21shI9QeBsPlgj6Mr9Hgut4/5Ruy uicJAjGCAo0wggKJAgEBMIGxMIGrMQswCQYDVQQGEwJGUjEPMA0GA1UECBMGRlJB TkNFMQ4wDAYDVQQHEwVQQVJJUzEZMBcGA1UEChMQVEhFIFNJR05BVFVSRSBDQTEa MBgGA1UECxMRU2lnbmF0dXJlIFNlcnZpY2UxHDAaBgNVBAMTE1NpZ25hdHVyZSBB dXRob3JpdHkxJjAkBgkqhkiG9w0BCQEWF2F1dGhvcml0eUBzaWduYXR1cmUub3Jn AgEMMAkGBSsOAwIaBQCggbEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkq hkiG9w0BCQUxDxcNMDQwMjIzMTMyMjE3WjAjBgkqhkiG9w0BCQQxFgQUOL5Urgee O3uz3U04UlEu49ZZQ+wwUgYJKoZIhvcNAQkPMUUwQzAKBggqhkiG9w0DBzAOBggq hkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwIC ASgwDQYJKoZIhvcNAQEBBQAEggEAnkWzrt7offEb6lRqACgQYmcH+N76WKcxE2pP xvTtz2tr/s4pRRA8NS5oYU1g7MeIWzA2VSWLe1aKYZHltAuo2sWSpovK8qLE5BGJ 4/yep7pM7lY475gA0bq/N/2HCu9JqbHx5ylF6HQ2f9A1dNlveo93r5GiBNCTTZd+ PN8oO9MoOs8SpqgnOkS0DQnEL+H393L3I+MIQ7x+CBkZaIgbVa4nmQe0r3kOqqSn rDL4HBQO1XEZtlBTMUbRgSofdzSsWQk3TpnmJuorl2ckYHjPk72cHJojsmcj3Uu3 QiRq7EOYy+BtYpR7fRM9zoYl8Y5VscvHC1TlfJhygIVIs1VsPQ== ------D7B623C746311F5D683A038DC482F307--
- (in) RFC 5750 : S/MIME Version 3.2 – Certificate Handling
- (in) RFC 5751 : S/MIME Version 3.2 – Message Specification
- (in) RFC 2634 : Enhanced Security Services for S/MIME
- (in) How to Cheat at Securing Your Network , Dubrawski, Ido – Burlington, MA : Elsevier, 2007. – p. 83 (ISBN 978-1-59749-231-7 ) .
Recent Comments