S/MIME may be security standard

RSA Data Security has applied to the Internet Engineering Task Force to establish S/MIME as a security standard for electronic messaging, says the company.

Oct. 31, 1997 8:25 a.m. PT

RSA Data Security has applied to the Internet Engineering Task Force to establish S/MIME as a security standard for electronic messaging, the company said today.

S/MIME is based on a combination of the standard MIME specification and the inter-vendor PKCS, considered to be one of the most widely implemented commercial cryptographic standards in the United States.

S/MIME is considered a standard for interoperable secure email and is used by a number of vendors, including Microsoft, IBM, Netscape Communications, and VeriSign. It allows vendors to develop RSA-based security for electronic messaging products, so that a S/MIME message encrypted with one vendor's application can be decrypted on another.

RSA's proposed S/MIME charter, now under consideration by the IETF, is expected to lead to the formation of an IETF-sponsored S/MIME working group.

In the past, the lack of industry agreement on standards for secure messaging over the Internet has limited adoption of messaging security technology, the company said.

The announcement today falls on the same day a new S/MIME consortium was formed in Japan by a group of 12 Japanese manufacturers, resellers, and distributors of secure messaging systems. The consortium plans to develop joint marketing programs to build market awareness for S/MIME.