S/MIME and Digital Signatures

You may have noticed that some e-mail messages that you receive contain a 'smime.p7s' or similarly named attachment. This attachment is part of S/MIME and digital signatures.

From RFC 2632

S/MIME (Secure/Multipurpose Internet Mail Extensions) provides a consistent way to send and receive secure MIME data. Based on the popular Internet MIME standard, S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures) and privacy and data security (using encryption)

Modern email clients, such as Outlook, Lotus Notes, Mail in OS X and Thunderbird seamlessly allow you to verify S/MIME signed email.

Be sure to add the CSU San Bernardino Root Certificate to your email client as a trusted authority for digital signatures (i.e. This certificate can identify mail users.)

More Information

• http://www.imc.org/smime-pgpmime.html
• http://www.rsasecurity.com/rsalabs/node.asp?id=2292
• http://www.iks-jena.de/mitarb/lutz/security/cryptfaq/q131.html
• http://www.hipaadvisory.com/tech/Smime.htm
• http://www.computerworld.com/securitytopics/security/story/0,10801,43420,00.html