What is the S/MIME protocol?

S/MIME (Secure / Multipurpose Internet Mail Extensions) is a standard for encryption and digital signature of emails in MIME format.

This protocol is based on the use of certificates delivered by specialized companies like VeriSign, Thawte or Comodo Group.

In Windows, certificates are listed in stores. In order to display the stores and certificates list installed on your computer, you need to open a new MMC and add Certificates, a snap-in software component.

Each certificate includes 2 keys: a private and a public one. They will be used differently whether the sender wants to encrypt or sign the message.

• Digital Signature: The receivers of a signed email have a guarantee of the origin and the integrity of the message. Digital signature only needs the use of the sender private key. The signed message will be sent with the sender public key. MailMill .NET gives the possibility to send signed messages in a clear or opaque mode. In a clear mode, the digital signature is added at the end of the message; in an opaque mode, the message is encoded. If the signed messages are sent in opaque mode, the receiver cannot read it if his mail client does not handle the S/MIME protocol.
• Encryption: For encrypting a message, the sender needs the receiver public key. Messages will be encrypted using an algorythm specified in the mail client. MailMill .NET includes algorythms specified in the RFC 2633 norm - S/MIME Version 3.

As a conclusion, the S/MIME protocol offers the possibility to send secure messages to your receivers. Thanks to the digital signature, they have a guarantee of the origin and the integrity of the message. Encryption allows the user to send sensitive data (confidential message, bank or consumption statement, etc.).

Note: The MailMill .NET S/MIME implementation respects the RFC 2633 norm - S/MIME Version 3. The S/MIME protocol uses CAPICOM 2.0 (click here to download it).