SMIME
Secure/Multipurpose Internet Mail Extensions. The RFC family that secures MIME payloads — used by AS1, AS2 and AS3.
Definition
S/MIME (Secure/Multipurpose Internet Mail Extensions) is the IETF specification defining how to encrypt, sign and certify a MIME payload using Cryptographic Message Syntax (CMS) and X.509 certificates. The current version is S/MIME 4.0, RFC 8551 (April 2019). S/MIME is the single cryptographic layer of the entire AS family: AS1 (SMTP), AS2 (HTTPS), AS3 (FTP).
Origin
S/MIME was developed from 1995 by RSA Data Security, then transferred to IETF in 1996. Successive versions are: 2.0 (RFC 2311, 1998), 3.0 (RFC 2633, 1999), 3.1 (RFC 3851, 2004), 3.2 (RFC 5751, 2010), 4.0 (RFC 8551, 2019). Each version improves support for modern algorithms (AES-GCM, EdDSA) and drops obsolete ones (RC2, SHA-1).
Example in context
Content-Type: application/pkcs7-mime; smime-type=enveloped-data;
name="order.p7m"
Content-Transfer-Encoding: base64
[BASE64-ENCODED CMS ENVELOPED DATA]
This header identifies an AS2 payload encrypted in S/MIME 4.0 format. The recipient recognises smime-type=enveloped-data, decodes the base64, parses the CMS structure, and decrypts the content using its RSA or EC private key. The inner S/MIME signature subsequently ensures non-repudiation.