We need S/MIME on Mac OS X

While PGP seems to be a common and useful method of authentication and encryption of email communications on Mac OS X, there is a dearth of options when it comes to S/MIME.

S/MIME is a protocol that provides for encryption and authentication of email messages using X.509-based keys and certificates. Using certificates based on X.509 means that your identity can be verified against a public certificate authority in the same way that an SSL-secured website is authenticated. When you receive a signed message in an S/MIME-capable email client, your client verifies the identity of the sender and the integrity of the message against the certificate authority (CA) that issued the certificate used to sign the message. Trust is inherited from these certificate authorities, and you can (or at least should be able to) examine, verify, and edit that trust within your email client, web browser, or, I think optimally, at the OS level from a central application.
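The sign-and-verify flow described above, as an added example that is not part of the original post: it uses OpenSSL's `openssl smime` subcommand with a throwaway CA to show a signed message being accepted when its issuing CA is trusted, and rejected when only an unrelated CA is trusted or when the body is altered after signing. The CA names, the address `alice@example.test`, the message text and the helper function names are all constructed for illustration.

```shell
#!/bin/sh
# Added example: S/MIME sign/verify against a throwaway CA.
# All names, addresses and the message are constructed.
set -eu

make_ca() {   # $1 = output prefix, $2 = CA common name
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

issue_cert() {   # $1 = output prefix, $2 = CA prefix, $3 = subject
    openssl req -newkey rsa:2048 -nodes -subj "$3" \
        -keyout "$1.key" -out "$1.csr" 2>/dev/null
    openssl x509 -req -in "$1.csr" -CA "$2.pem" -CAkey "$2.key" \
        -CAcreateserial -days 1 -out "$1.pem" 2>/dev/null
}

smime_sign() {   # $1 = signer prefix, $2 = plaintext file, $3 = signed output
    openssl smime -sign -in "$2" -signer "$1.pem" -inkey "$1.key" -out "$3"
}

# Prints "trusted" or "rejected"; $1 = signed message, $2 = CA certificate to trust.
smime_check() {
    if openssl smime -verify -in "$1" -CAfile "$2" -out /dev/null 2>/dev/null; then
        echo trusted
    else
        echo rejected
    fi
}

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
make_ca "$WORK/ca" "Demo Mail CA"
make_ca "$WORK/other" "Unrelated CA"
issue_cert "$WORK/alice" "$WORK/ca" "/CN=Alice Example/emailAddress=alice@example.test"
printf 'Meet at noon.\n' > "$WORK/msg.txt"
smime_sign "$WORK/alice" "$WORK/msg.txt" "$WORK/signed.eml"
# Alter the clear-signed body after signing, as an in-transit modification would.
sed 's/^Meet at noon/Meet at nine/' "$WORK/signed.eml" > "$WORK/tampered.eml"

echo "signed, issuing CA trusted:    $(smime_check "$WORK/signed.eml" "$WORK/ca.pem")"
echo "signed, only other CA trusted: $(smime_check "$WORK/signed.eml" "$WORK/other.pem")"
echo "body altered after signing:    $(smime_check "$WORK/tampered.eml" "$WORK/ca.pem")"
```

The second result is the trust-inheritance point: the signature itself is intact, but the verifier has no trusted CA that chains to the signer's certificate.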

The only email client on Mac OS X that seems to support S/MIME natively is Mozilla. I’ve tested it using Mozilla 1.2 and 1.3a and it works well. On Mac OS X, S/MIME support is missing from all major clients: Microsoft Entourage, Apple Mail, Lotus Notes, and Qualcomm Eudora. (There is an S/MIME plugin from Entrust for Eudora on pre-Mac OS X versions.) There is a command-line program called ‘smime’, but who is going to use that? I truly wish this worked in Entourage.

Why do Mac OS X users need S/MIME? Because we need to be able to encrypt for the same reasons that you don’t write all of your correspondence on the back of post cards. Because we can begin to make use of trusted, authenticated, and privately encrypted communications. Because it can be seamlessly integrated with email clients, making it easy, automatic, even behind-the-scenes. Because this functionality is available to all major Windows email clients: Outlook, Outlook Express, Eudora, Netscape, Mozilla, and Lotus Notes all either support it natively or through plugins. Because PGP is great, but not perfect, and it’s nice to have options. Because a key used to sign a message can be verified against a trusted certificate authority. Because we have the right to know beyond a reasonable doubt that the sender is who they say they are, and what they said is authentic. Because we have the right to private, encrypted, person-to-person communications, free from the prying eyes of thieves, perverts, libelous paparazzi, and corrupt governments.

When I discuss this with people, I often hear the same response: “I have nothing to hide.” These are the same people that will send their passwords and credit card info through email. It is trivial for someone with malicious intent to write a script that filters out and downloads credit card patterns or messages that contain the text “User ID” or “Password”. Ugh… Do you think it’s OK for someone to intercept your personal mail, steam open the envelope, and read the contents without your knowledge? Of course not! Email should have the same level of privacy, and this can be ensured through person-to-person encryption schemes such as PGP or S/MIME. The primary factors limiting widespread adoption of this technology are a general lack of understanding and a misplaced sense that somehow one’s email communications are private. Did I mention that it’s just a script?

You can purchase certificates for use in your email from various issuing Certificate Authorities, and some, such as Thawte, are free. It doesn’t take that much work to set up, and once it’s installed and you understand the security features of your email client it’s quite easy to use. If anyone enrolls in the Thawte personal certificate program and wants to get their certificate signed, I’m happy to do it for you free of charge. There are plenty of other notaries out there who can do this worldwide, and most also do not charge a fee. Contact me if you are in or plan on being in the San Francisco Bay Area and would like to have this done.

The only way Mac OS X users will get this functionality in our favorite email clients is if we request the feature. But then, to get people to request it, people have to understand why they need this. Hopefully this rant helps get the message out there a little.