S/MIME Frequently Asked Questions Revised 28 August 1995 1) What is S/MIME? S/MIME is a specification for secure electronic mail. S/MIME stands for Secure/Multipurpose Internet Mail Extensions and was designed to add security to e-mail messages in MIME format. The security services offered are authentication (using digital signatures) and privacy (using encryption). 2) Why S/MIME? There is a growing demand for e-mail security. S/MIME melds proven cryptographic constructs with standard e-mail practices. More importantly, it was designed to be interoperable, so that any two packages that implement S/MIME can communicate securely. 3) Is S/MIME a standard? The S/MIME working group plans to submit the S/MIME spec to the IETF for consideration as an official Internet RFC (standard) as soon as interoperability tests are complete. (The IETF has always placed great emphasis on "rough consensus and working code.") 4) How does S/MIME compare with PGP, PEM, and MOSS? S/MIME, PGP, PEM and MOSS all specify methods for securing electronic mail. All offer privacy and authentication services. Since PGP, PEM, and MOSS are all quite different, they need to be compared with S/MIME individually. PGP can be thought of as both a specification and an application. PGP relies on users to exchange keys and establish trust in each other. This informal "web of trust" works well for small workgroups, but can become unmanageable for large numbers of users. S/MIME, on the other hand, utilizes hierarchies in which the roles of the user and the certifier are formalized. This means that S/MIME is both more secure and more scaleable than PGP implementations. S/MIME has flexible guidelines for establishing hierarchies of users and will be equally easy for small groups and scaleable to large enterprises. S/MIME will also be well integrated into many e-mail applications, making it simple for users and ubiquitous. PEM is specified in IETF RFCs 1421-1424. PEM was an early standard for securing e-mail that specified a message format and a hierarchy structure. The PEM message format is based on 7-bit text messages, whereas S/MIME is designed to work with MIME binary attachments as well as text. The guidelines for hierarchies are also more flexible in S/MIME. This should allow for both easy set-up for small workgroups that don't need to be part of an all-encompassing hierarchy, and an easy path to move workgroups to the hierarchy that best suits their needs. MOSS is designed to overcome the limitations of PEM by handling MIME messages and being more liberal in the hierarchy requirements. But MOSS has so many implementation options that it is possible for two independent developers to come up with two MOSS mailers that will actually not "talk" to each other. MOSS can be thought of as a framework rather than a specification, and considerable work in implementation profiling has yet to be done. The overriding goal of S/MIME is interoperability, with a focus on e-mail. 5) What cryptographic algorithms does S/MIME use? S/MIME uses a hybrid approach to providing security, often referred to as a 'digital envelope.' The bulk message encryption is done with a symmetric cipher, and a public-key algorithm is used for key exchange. A public-key algorithm is also used for digital signatures. S/MIME recommends three symmetric encryption algorithms: DES, Triple-DES, and RC2. The adjustable key size of the RC2 algorithm makes it especially useful for applications intended for export outside the U.S. RSA is the required public-key algorithm. 6) What are the PKCS, particularly PKCS #7 and PKCS #10? PKCS (Public-Key Cryptography Standards) is a set of standards for implementation of public-key cryptography. It has been issued by RSA Data Security, Inc. in cooperation with a computer industry consortium, including Apple, Microsoft, DEC, Lotus, Sun, and MIT. PKCS #7 is a flexible and extensible message format for representing the results of cryptographic operations on some data. PKCS #10 is a message syntax for certification requests. 7) Does S/MIME use digital certificates? S/MIME does use digital certificates. The X.509 format is used due to its wide acceptance as the standard for digital certificates. VeriSign has set up a certificate hierarchy specifically to support the S/MIME effort. Contact VeriSign at 415/508-1151 for more information on the S/MIME hierarchy, or visit their web site at www.verisign.com. 8) Does S/MIME only work on the Internet? S/MIME is not specific to the Internet and can be used in any electronic mail environment. Careful consideration was given so that smaller, private implementations could grow to become part of the Internet if desired. This is accomplished by making the implementation guidelines flexible and scaleable. 9) Is a public domain implementation of S/MIME available? Yes, a free version of S/MIME will be available soon. A future version of the popular public domain mailer RIPEM will implement S/MIME. RIPEM is a program developed by Mark Riordan that enables secure Internet e-mail. It was later enhanced by Jeff Thompson. RIPEM provides both encryption and digital signatures. RIPEM is free for non-commercial use. In addition, several vendors have announced plans for making S/MIME compatible versions of their products available to the public domain. 10) Are there any tools available for building S/MIME clients? RSA's Toolkit for Interoperable Privacy Enhanced Messaging (TIPEM) is S/MIME compatible. TIPEM is a toolkit designed for developers. It includes C object code for digital envelopes, digital signatures, and digital certificate operations. PKCS #7 and #10 message formatting, and X.509 certificate management functions are also included. Copyright (c) 1995 RSA Data Security, Inc.