S/MIME Certificate for Email Encryption

Friday, December 11, 2015

Email has integrated into our lifestyles so much so that we’re connected to it every day. Your smartphone, tablet, and PC, in one way or another, is connected to an email. Because emails contain heaps of confidential and profitable information, cyber attackers are constantly on the lookout to steal this information, to publish and sell the data.

Encrypting email is, therefore, important as it prevents email contents from being read or fabricated by a non-intended person with public-key cryptography technology. Email encryption comes in the form of what we call – S/MIME (Secure/Multipurpose Internet Mail Extensions) Certificate and is installed within email software of both sending and receiving parties.

Brief Overview of S/MIME Certificate

S/MIME is a standard cryptography technology for public key encryption and signing of MIME data is used to improve the security of emails. It is a digital certificate containing a digital signature used to authenticate, encrypt and append email messages, preventing email stealthy glance, falsification, and spoofing.

In order to use an S/MIME Certificate, both an email sender and an email receiver needs to use an email software that supports the S/MIME technology. Many in fact already supports S/MIME, including Microsoft Outlook, Mozilla Thunderbird, Apple Mac Mail.

3 Ways of Installing an S/MIME Certificate

S/MIME Certificate supports several delivery patterns of a signed email, and can be installed from various intersection points.

Pattern 1 <Installing from a Client’s PC>

S/MIME Certificate
If an email sender wants to append his/her signature, he can use an email client software that supports S/MIME and install the certificate. The email receiver, using an email software that supports S/MIME can then validate the signature from his/her client PC end.

Pattern 2 <Using an email delivery ASP vendor>

If a sender frequently sends emails and would like to save time and cost, the S/MIME certificate can be installed within an email delivery ASP vendor that supports the signed email delivery.

Pattern 3 <Using a server for signature>

If you prefer a flexible setup, the S/MIME Certificate can be installed in a Signature Gateway and then connected to an in-house Mail Server. The signature can be setup to append a person or by delivery email address.

DigiCert provides S/MIME certificates as part of its managed PKI services, and Cyber Secure Asia as a partner of DigiCert in Asia can be contacted to demonstrate DigiCert’s S/MIME certificate solutions.

Share :    

Back to Blog