 The Multipurpose Internet Mail Extensions (MIME) system extends the basic

email system by permitting users to send binary files using the basic email
system. MIME is defined in RFCs 2045
to2049.
 S/MIME (Secure/Multipurpose Internet Mail Extension) is a security
enhancement to the MIME Internet e-mail format standard, which in turn
provided support for varying content types and multi-part messages over the
text only support in the original Internet RFC822 email standard.
 MIME provides a number of new header fields that define information about
the body of the message, including the format of the body and any encoding
that is done to facilitate transfer. Most important, MIME defines a number of
content formats, which standardize representations for the support of
multimedia e-mail.
 Examples include text, image, audio, and video.
 The MIME specification adds five new headers to the email system, which
describe information about the body of the message:

 (a) MIME-Version
 (b) Content-Type
 (c) Content-Transfer-Encoding
 (d) Content-ID: Identifies the MIME entities uniquely with reference to
multiple contexts.
 (e) Content-Description : Used when the body is not readable (e.g. video).
 a) MIME-Version This contains the MIME version number. This field
indicates that the message conforms to RFCs 2045 and 2046.
 (b) Content-Type -This describes the data contained in the body of the
message. The details provided are sufficient so that the receiver email
system can deal with the received email message in an appropriate manner.
The contents are specified as:
Type/Sub-type
 MIME specifies 7 content types, and 15 content sub-types.
(d)Content-ID :Identifies the MIME entities uniquely with reference to multiple
contexts.
(e) Content-Description:Used when the body is not readable (e.g. video).
 Specifies the type of transformation that has been used to represent the body of the
message. In other words, the method used to encode the messages into zeroes and
ones is defined here.
 Like PGP, S/MIME provides for digital signatures and encryption of email messages.
 These content-types support four new functions:
 S/MIME prefers the usage of the following cryptographic
algorithms:
● Digital Signature Standard (DSS) for digital signatures
● Diffie–Hellman for encrypting the symmetric session keys
● RSA for either digital signatures or for encrypting the
symmetric session keys
● DES-3 for symmetric key encryption
 S/MIME supports the various cryptographic
algorithms:
 S/MIME secures a MIME entity with a signature, encryption, or both.
 The MIME entity is prepared as per the usual MIME rules.
 This is processed by S/MIME, along with security-related data, such as
identifiers of algorithms and digital certificates.
 The output of this process is called a Public Key Cryptography Standard
(PKCS) object.
 This PKCS object itself is now considered as a message content and is
wrapped inside MIME, with the addition of appropriate MIME headers.
 S/MIME supports digital signature, encryption or both.
 S/MIME processes the email messages along with the other security-related
data, such as the algorithms used and the digital certificates to produce a
PKCS object.
 It is then treated like a message content.
 This means that appropriate MIME headers are added to it.
 For this purpose, S/MIME has two new content types and six new sub-types.
 S/MIME uses X.509V3 certificates.
 The key-management scheme used by S/MIME is a bit of a mixture of the
X.509 certificate hierarchy and the web of trust, as specified in PGP.
 Like PGP, S/MIME needs a configuration of the list of trusted keys and
CRLs(Certificate Revocation List). Certificates are signed by CAs, as
usual.
 An S/MIME user performs three key-management functions:
 Three additional features are proposed in the S/MIME :

(a) Signed Receipts :This message can be used as acknowledgment of an original message. This
provides proof of delivery of a message to the original sender. The recipient signs the entire
message (including the original message sent by the sender, the signature of the sender, and the
acknowledgment) and creates an S/MIME message type out of it.

(b) Security Labels: A security label may be added to a message to identify its sensitivity (how
confidential it is), access control (who can access it), and priority (secret, confidential, restricted,
etc.).

(c) Secure Mailing Lists: An S/MIME Mailing List Agent (MLA) can be created to take over
the processing that is required per recipient whenever a sender sends a message to multiple
users. For example, if a message is being sent to 10 recipients, it may have to be encrypted with
the 10 respective public keys of the recipients. An MLA can take a single incoming message,
perform the recipient specific encryption, and forward the message. This means that the original
sender needs to only encrypt the message once (with the public key of the MLA) and only send it
once (to the MLA). The MLA then does the remaining work