"There are two formats for signed messages defined for S/MIME:
- application/pkcs7-mime with SignedData
- multipart/signed.
In general, the multipart/signed form is preferred for sending, and receiving agents MUST be able to handle both."
As per 1st of April, 2020 the situation with S/MIME signed messages support for free Gmail accounts is as following:
multipart/signed
- Gmail to Gmail: NOK (since 2013)
- Gmail to External Mail: NOK (since 2013)
- External Mail to Gmail: OK
application/pkcs7-mime with SignedData
- Gmail to Gmail: NOK (since 2017)
- Gmail to External Mail: OK
- External Mail to Gmail: OK
NOK means Gmail service mangles a message in transit by:
- repacking MIME entities and changing boundaries
- changing the content type of the message to multipart/mixed
- restricting access to S/MIME signature for multipart/signed messages
The history of the above points:
No comments:
Post a Comment