Understanding the limitations of S/MIME digital signatures for e-mails: A GUI based approach

Albert Levi, Can Berk Güder
2009 Computers & security  
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a well-known standard for secure e-mail exchange. S/MIME builds its identity management on e-mail addresses, rather than real names. This fact may sometimes cause sending a signed e-mail with a bogus name on it. Moreover, header information of a signed e-mail message, such as subject and name, can be altered without affecting the verifiability of the signature. This paper spots the details of such problems of S/MIME and discusses some
more » ... tions from both developer and user points of view. Moreover, GUI considerations about these problems are also analyzed in this paper. An ideal GUI is modeled and developed.
doi:10.1016/j.cose.2008.09.003 fatcat:36yqx7qwzvbqxgc3ej4jcwhv74