Friday, February 5, 2010

What is really encrypted in an S/MIME protected e-mail?

I was wondering what is protected in an S/MIME e-mail and what is in plain text.
The sender's and recipient's addresses are readable, and so is the subject. So are all SMTP headers, e.g. the gateway DNS name or IP address from which I got the e-mail. So far so good: I cannot deny that I got an e-mail or that I sent one. I should also be careful with my e-mail subjects.
Also good: attachment file names are encrypted as well, and even on BCC mails the encryption is done per recipient, so you cannot see the other recipients, e.g. in the list of serial numbers of the encryption certificates used.

c:\temp>certutil.exe smime.p7m

No Signer
Recipient Count: 2

Recipient Info[0]:
Serial Number: 169ad538
Issuer: CN=Verified Email,

Recipient Info[1]:
Serial Number: 9d71
Issuer: CN=StartCom Class 1 Primary Intermediate Client CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

No Certificates
CertUtil: -dump command completed successfully.
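
The split described above between readable headers and the encrypted body, shown as an added example that is not part of the original post. The message, addresses, host names and subject are constructed, and the base64 body is placeholder bytes standing in for the CMS ciphertext, not a real smime.p7m; `exposed_metadata` is a hypothetical helper name.

```python
import base64
from email import message_from_string
from email.policy import default

# Constructed sample message. The body is 48 placeholder bytes in base64,
# standing in for CMS EnvelopedData; it is not a real smime.p7m.
SAMPLE = (
    "Received: from gw.example.net (gw.example.net [192.0.2.10])\r\n"
    "\tby mx.example.org; Fri, 5 Feb 2010 10:00:00 +0100\r\n"
    "From: alice@example.net\r\n"
    "To: bob@example.org\r\n"
    "Subject: Q1 salary review\r\n"
    "MIME-Version: 1.0\r\n"
    "Content-Type: application/pkcs7-mime; smime-type=enveloped-data;"
    ' name="smime.p7m"\r\n'
    'Content-Disposition: attachment; filename="smime.p7m"\r\n'
    "Content-Transfer-Encoding: base64\r\n"
    "\r\n"
    + base64.b64encode(bytes(range(48))).decode() + "\r\n"
)

SMIME_TYPES = ("application/pkcs7-mime", "application/x-pkcs7-mime")

def exposed_metadata(raw):
    """Return what any relay or mailbox admin can read without a private key."""
    msg = message_from_string(raw, policy=default)
    encrypted = (msg.get_content_type() in SMIME_TYPES
                 and msg.get_param("smime-type") == "enveloped-data")
    return {
        # Envelope-style headers travel in the clear.
        "from": str(msg["From"]),
        "to": str(msg["To"]),
        "subject": str(msg["Subject"]),
        "received": [str(h) for h in msg.get_all("Received", [])],
        # The only visible file name is the generic S/MIME wrapper;
        # real attachment names live inside the encrypted MIME entity.
        "outer_filename": msg.get_filename(),
        "body_encrypted": encrypted,
        "ciphertext_bytes": len(msg.get_payload(decode=True)),
    }

if __name__ == "__main__":
    for key, value in exposed_metadata(SAMPLE).items():
        print(f"{key}: {value}")
```
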