The S/MIME plugin for WebApp is an easy to use tool that helps you to secure your email with minimal effort from the user. Enable cross-organization data sharing, and fight against data leakage.
Without getting too technical: S/MIME is about exchanging email with an extra layer of trust by using a so-called “public key infrastructure” (PKI). In practice, this means that the user ensures the authenticity of the message by adding a digital signature. In addition, encryption can be used to avoid data leakage in case you were to be hit by a ‘man-in-the-middle’ attack.
With encryption enabled, the attacker would not be able to see the contents of the message (including any attachments).
You can send signed emails to anyone with one click. The “Sign” button appears above the editor of every email you are composing. Just click it to sign the message and enter the passphrase for your private key as you send the message.
The recipient(s) of your message will be able to read the contents of your message even if their email client does not support S/MIME. The message will be sent using ‘clear text’. The S/MIME plugin adds the verification data and your public certificate to the email. This data can be used at the other end to validate the authenticity of the message.
Signatures of incoming emails are automatically validated in WebApp by the S/MIME plugin. The message contents will be validated first. After this checks out, the validity of public certificate will be verified with the trusted third party that has authenticated the certificate.
A message on top of your email will show the status of the signature.
Message encryption is just as easy. The catch here is that you first need to obtain the public certificate for the recipient(s) of the encrypted message. This is straight-forward: you could ask them to send you a signed email.
Afterwards, encrypting an email is done at the click of a button. You won’t even need to enter a passphrase to encrypt a message. After the message is sent out, only the recipient(s) will be able to read the message. You will not even be able to read it unless you were one of the recipients.
The plugin will automatically store any public key it receives. Essentially this means that every signed message (which will always contain a public key) will add the public key of the sender to your personal store. These public keys can be used to encrypt outgoing messages to these recipients.