Scanning your connection...
Default PrivacyDefault Privacy
Back to Glossary
Email

What is S/MIME?

A standard for public key encryption and signing of email messages, supported natively by most email clients.

S/MIME (Secure/Multipurpose Internet Mail Extensions) provides email encryption and digital signatures using X.509 certificates.

S/MIME vs PGP

  • S/MIME: Uses certificate authority (CA) infrastructure. Built into most email clients (Outlook, Apple Mail, Thunderbird).
  • PGP: Uses web of trust. Requires separate software or extensions.
  • Both provide encryption and signing
  • S/MIME is more common in enterprise; PGP is more common in privacy communities

How It Works

  1. Obtain an S/MIME certificate (from a CA or self-signed)
  2. Install the certificate in your email client
  3. Send signed emails (recipients can verify your identity)
  4. Exchange certificates with contacts to enable encrypted email

Limitations

  • Requires certificate management
  • Only encrypts the message body — subject line, headers, and metadata are visible
  • Key management can be complex at scale
  • Certificates expire and need renewal

Related Terms

End-to-End Encryption

A method of secure communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, and even the provider of the communication service – from being able to access the cryptographic keys needed to decrypt the conversation.

PGP

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. It's used for signing, encrypting, and decrypting texts, emails, files, and directories, and is the gold standard for email encryption.

Public Key Cryptography

A cryptographic system that uses pairs of keys: public keys (which may be disseminated widely) and private keys (which are known only to the owner). This enables secure communication between parties who have never met and forms the basis for digital signatures, key exchange, and encrypted communication.

Have more questions?

Use our guided flow to get the right next privacy step for S/MIME.

Open Guided Flow