iOS 5 - Secure E-mail
Apple iOS 5 for iPhone, iPod and iPad offers a host of new functions, among which the option of securely sending e-mail using the S/MIME protocol. In order to send secure e-mails, S/MIME uses a digital certificate to sign or encrypt the messages digitally.
What do you need?
For this feature to work you will need a digital signature permitting the key usage 'digital signature', which is the case with e-mail certificates by both Comodo and GlobalSign.
Sign all outgoing e-mail using a certificate which identifies you or your company as the sender of the e-mail. This enables the recipient to check whether or not the received e-mail was, in fact, sent by you.
A digital certificate consists of a private and a public key. When encrypting an e-mail, the public key of the recipient's certificate is used. After having sent the e-mail, the recipient uses the private key belonging to his certificate to decrypt the message. Using e-mail encryption thus ensures a confidential exchange of messages where only the recipient of your messages (owner of the used public key) possesses the means of reading them.
Now follows a description of the necessary steps:
- There are different methods to install the certificate on the device:
- use the appropriate configuration program on, for example, a USB token
- export the certificate as a .pfx file and e-mailing it to yourself as an attachment, so it can be opened on the device
- On the device, go to Settings → Mail → Calendars and choose your exchange account followed by the option Advanced. Here you will be able to see the following settings:
|Receiving/reading encrypted e-mail||S/MIME|
|Signing outgoing e-mail of a selected account||Sign (choose the correct certificate for signing)|
|Encryption of outgoing e-mail from selected account*||Encrypt (choose the correct certificate for signing)|
*This option requires you to have the recipient's digital certificate. Obtaining this certificate can be accomplished by receiving a signed e-mail from the person you wish to send encrypted e-mails to.