Email Security: TLS and S/MIME

纵饮孤独 提交于 2021-02-06 13:53:49

问题


My understanding is that TLS is an encryption technique that allowing two STMP servers to communicate with each other securely. If HTTPS is used to connect to an STMP serve is that the same as using S/MIME?


回答1:


No. TLS encrypts the communication channel. S/MIME encrypts the message. I.e., it's the difference between "talking openly on a secure line" and "talking in code on an insecure line."




回答2:


HTTPS is used to connect to an STMP

There seems to be a misunderstanding regarding what HTTPS and SMTP are. HTTP and SMTP are two distinct protocols. HTTPS is essentially HTTP over SSL/TLS, which secures the communication between the client and the server. Similarly, communications between an SMTP client and an SMTP server can be secured using SSL/TLS (there are two variants: SMTP over SSL/TLS directly, on a specific port, or TLS initiated via STARTTLS within the SMTP protocol; either way, HTTPS isn't used to connect to an SMTP server). In both cases, this is transport-level security.

In contrast, S/MIME is about message-level security, where the messages are encrypted (even when they've been received and are sitting in your inbox).

What can be relevant to both SSL/TLS (for HTTP, SMTP, ...) and S/MIME is the notion of certificates and PKI (Public Key Infrastructure), which is what helps make decision regarding the trust in the remote party, necessary for security.



来源:https://stackoverflow.com/questions/3907020/email-security-tls-and-s-mime

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!