Cryptographic Services
Internet MIME (Multipurpose Internet Mail Extensions) messages consist of two parts: headers (describing the content) and a body (consisting of the actual data content or payload). MIME was not designed to provide for the application of security services; therefore, S/MIME (Secure/Multipurpose Internet Mail Extensions) was created as a format and protocol for applying authentication, message integrity, non-repudiation (through the use of public key cryptography) and confidentiality (using encryption) to the Internet MIME message.
S/MIME is supported by transport mechanisms in one of two versions: S/MIME v2 or S/MIME v3. The most notable difference between the two is that S/MIME v3 supports a wider and more secure set of encryption algorithms. The Cleo products support S/MIME v3; however, it is important to know which algorithms are supported by your trading partners before deciding upon the specific algorithms for both signing and encryption.
XML Encryption and XML Signature are published recommendations of the World Wide Web Consortium (W3C). These recommendations define the syntax and processing rules for encrypting and signing data. Generally, the encrypted symmetric key is contained within the EncryptedKey element and the encrypted data is contained within the EncryptedData element. See http://www.w3.org/TR/xmlenc-core for detailed information regarding XML encryption. For digital signing, the Signature element is the primary element for encapsulating the digital signature. See http://www.w3.org/TR/xmldsig-core for detailed information regarding XML signatures.
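The layout described above can be inspected before a message is exchanged. The following is an added example, not Cleo product code: it reads the algorithm URIs declared on EncryptedData and its nested EncryptedKey and lists any that a trading partner's profile does not include. The sample document, the function names and the partner profile are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed sample: EncryptedData whose KeyInfo carries the EncryptedKey.
# The CipherValue contents are placeholders, not real ciphertext.
SAMPLE = """<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
  <ds:KeyInfo>
    <xenc:EncryptedKey>
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
      <xenc:CipherData><xenc:CipherValue>UExBQ0VIT0xERVI=</xenc:CipherValue></xenc:CipherData>
    </xenc:EncryptedKey>
  </ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>UExBQ0VIT0xERVI=</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData>"""

# Hypothetical partner profile: algorithm URIs the partner has agreed to accept.
PARTNER_PROFILE = {"http://www.w3.org/2001/04/xmlenc#aes256-cbc"}


def encryption_algorithms(xml_text):
    """Return (data_algorithm, key_algorithm) URIs; None where none is declared."""
    root = ET.fromstring(xml_text)  # trusted input only; entities are not restricted here
    if root.tag == f"{{{NS['xenc']}}}EncryptedData":
        data = root
    else:
        data = root.find(".//xenc:EncryptedData", NS)
    if data is None:
        raise ValueError("no EncryptedData element found")
    data_method = data.find("xenc:EncryptionMethod", NS)
    key = data.find("ds:KeyInfo/xenc:EncryptedKey", NS)
    key_method = key.find("xenc:EncryptionMethod", NS) if key is not None else None
    return (
        data_method.get("Algorithm") if data_method is not None else None,
        key_method.get("Algorithm") if key_method is not None else None,
    )


def unsupported(xml_text, partner_algorithms):
    """List declared algorithms (or None for an undeclared one) outside the profile."""
    return [a for a in encryption_algorithms(xml_text) if a not in partner_algorithms]


if __name__ == "__main__":
    print(unsupported(SAMPLE, PARTNER_PROFILE))
```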
OpenPGP is a non-proprietary protocol for encryption using public key cryptography. The OpenPGP protocol defines standard formats for encrypted messages, signatures, and certificates for exchanging public keys. See RFC 2440 for detailed information on the OpenPGP Message Format.