Reputation: 25193
Email Security: TLS and S/MIME
My understanding is that TLS is an encryption technique that allowing two STMP servers to communicate with each other securely. If HTTPS is used to connect to an STMP serve is that the same as using S/MIME?
Upvotes: 6
Views: 10541
Answers (2)
Reputation: 122719
HTTPS is used to connect to an STMP
There seems to be a misunderstanding regarding what HTTPS and SMTP are. HTTP and SMTP are two distinct protocols. HTTPS is essentially HTTP over SSL/TLS, which secures the communication between the client and the server. Similarly, communications between an SMTP client and an SMTP server can be secured using SSL/TLS (there are two variants: SMTP over SSL/TLS directly, on a specific port, or TLS initiated via STARTTLS within the SMTP protocol; either way, HTTPS isn't used to connect to an SMTP server). In both cases, this is transport-level security.
In contrast, S/MIME is about message-level security, where the messages are encrypted (even when they've been received and are sitting in your inbox).
What can be relevant to both SSL/TLS (for HTTP, SMTP, ...) and S/MIME is the notion of certificates and PKI (Public Key Infrastructure), which is what helps make decision regarding the trust in the remote party, necessary for security.
Upvotes: 7
Reputation: 53581
No. TLS encrypts the communication channel. S/MIME encrypts the message. I.e., it's the difference between "talking openly on a secure line" and "talking in code on an insecure line."
Upvotes: 15
Related Questions
- S/MIME for public key encryption and signing of email explained
- which is better tls or ssl?
- PHPMailer and S/MIME
- SSL for mail server
- Please clarify SMTP encryption protocol and ports (between servers only)
- (Tcl) Sending e-mails via gmail and yahoo mail servers
- Secure messaging using Secure MIME is it reliable?
- How is a mail secured using mail or s/mime certificate?
- Questions about SSL
- Understanding Secure Email