WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Get this Security+ CertiGuide for your own computer.
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search






Table Of Contents  CertiGuide to Security+
 9  Chapter 2:  Communication Security (Domain 2.0; 20%)
      9  2.2  Email

Previous Topic/Section
2.2  Email
Previous Page
Pages in Current Topic/Section
1
Next Page
 2.2.2  PGP
Next Topic/Section

2.2.1  S/MIME

S/MIME, or Secure/MIME, provides sender authentication and message privacy for email. It was developed by RSA Security166, and uses standardized formats for message data and digital certifications -- the PKCS #7 data format for messages, and X.509v3 format for digital certificates used for authentication (see chapter 4 for more information). S/MIME is a scalable secure email solution in which the standard hierarchies used in managing X.509v3 digital certificates are used to handle the chores of public key exchange and certificate authentication. For symmetric encryption, S/MIME can use 3DES, DES and RC2 algorithms.167

One popular package that supports S/MIME is Microsoft Exchange with the Outlook client. Netscape clients also support it – since S/MIME is based on the same PKI as SSL, it has proven straightforward to implement in web browser email clients.

Unlike PGP, most implementations are not open-source-based, so implementations have not necessarily been as closely examined for potential security issues that PGP implementations have been.

S/MIME

S/MIME or Secure/MIME provides sender authentication and message privacy for email communications.

S/MIME uses X.509v3 digital certificates to perform public key exchange and authentication, without requiring that users manually exchange public key information through other channels.



 __________________

166. http://www.rsasecurity.com

167. “S/Mime Frequently Asked Questions”, RSA Security, Inc., http://www.rsasecurity.com/standards/smime/faq.html

Previous Topic/Section
2.2  Email
Previous Page
Pages in Current Topic/Section
1
Next Page
 2.2.2  PGP
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.