My last post on the topic of S/MIME on iOS 5 got a lot of helpful comments from readers that filled in the gaps left by Apple’s current lack of documentation on this topic. The previous article is still the best place for information on how to set up your device to use S/MIME. This post has more information on actually using S/MIME to encrypt email messages.

Enabling S/MIME

There’s a setting I missed in the previous post that was pointed out by a commenter. After getting iOS 5 on the device and putting your certificates on there, you need to edit your email settings. Click Settings->Mail, Contacts, Calendars->Your email account->Account->Advanced. Scroll down to the S/MIME section and turn on S/MIME. (Note that this wasn’t required in order to read S/MIME encrypted email.) Enabling S/MIME causes two new options to appear, Sign and Encrypt. Selecting these will cause your iOS device to try to sign and/or encrypt each outgoing message. Make sure you enable the Encrypt option at this point so that your iOS device attempts to encrypt outgoing messages whenever possible.

S/MIME Settings

Immediately below the S/MIME section is a section called Certificates, which contains the certificates for which your device has private keys. You can select one of these certificates (clicking it puts a checkmark next to it) and this is the certificate that will be used to sign all outgoing messages (if you’ve turned on signing). Note: you can select certificates that are not valid for the digitalSignature key usage value. I submitted a bug report (ID 9601006) to Apple about this today.
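The post's point about the certificate picker is that a certificate's KeyUsage extension decides what it may be used for: digitalSignature (or nonRepudiation) for signing, keyEncipherment or keyAgreement for encryption. The following is an added example, not code from the original post or from Apple, that decodes a KeyUsage value from its DER encoding and applies that rule; the certificate names and DER bytes are constructed samples.

```python
# Added example (not from the original post): decode the X.509 KeyUsage
# extension value (RFC 5280, section 4.2.1.3) from its DER encoding and report
# whether a certificate may be used for S/MIME signing or encryption.
# The sample DER values below are constructed, not taken from real certificates.

# RFC 5280 KeyUsage bit positions; bit 0 is the MSB of the first content byte.
KEY_USAGE_BITS = [
    "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment",
    "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly",
]

def decode_key_usage(der: bytes) -> set:
    """Decode a DER BIT STRING holding a KeyUsage value into a set of names.

    Layout: tag 0x03, short-form length, one byte giving the number of unused
    trailing bits, then the bit bytes (DER named-bit-list encoding).
    """
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80 or len(der) != 2 + length:
        raise ValueError("unsupported or truncated length")
    unused, bits = der[2], der[3:]
    if unused > 7 or (not bits and unused):
        raise ValueError("invalid unused-bits count")
    total_bits = len(bits) * 8 - unused
    usages = set()
    for i in range(min(total_bits, len(KEY_USAGE_BITS))):
        if bits[i // 8] & (0x80 >> (i % 8)):
            usages.add(KEY_USAGE_BITS[i])
    return usages

def smime_roles(usages: set) -> dict:
    """Which S/MIME roles a certificate with these usages can fill (RFC 5750)."""
    return {
        "signing": "digitalSignature" in usages or "nonRepudiation" in usages,
        # keyEncipherment covers RSA key transport, keyAgreement covers e.g. ECDH.
        "encryption": "keyEncipherment" in usages or "keyAgreement" in usages,
    }

# Constructed sample: certificate label -> KeyUsage extension value (DER).
SAMPLE_CERTS = {
    "alice-sign": b"\x03\x02\x07\x80",   # digitalSignature only
    "alice-enc": b"\x03\x02\x05\x20",    # keyEncipherment only
    "alice-dual": b"\x03\x02\x05\xa0",   # digitalSignature + keyEncipherment
}

def signing_candidates(certs: dict) -> list:
    """Names of certificates usable for signing; the filter the post wants the
    iOS signing-certificate picker to apply (excludes encryption-only certs)."""
    return sorted(name for name, der in certs.items()
                  if smime_roles(decode_key_usage(der))["signing"])
```

To check a real certificate, export the KeyUsage extension value with your usual X.509 tooling and pass its DER bytes to decode_key_usage.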

Sending Encrypted Email With Exchange

If you are connecting to a Microsoft Exchange Outlook Web Access server, and you have an enterprise public key infrastructure that publishes encryption certificates to users’ global address list (GAL) entries, you are in luck. Sending encrypted email could not be easier.

Simply enable the account, ensure Contacts syncing is turned on for that account alongside Mail, and enable S/MIME (thanks, Allan). When you choose a contact, the iOS device will automatically attempt to download the recipient’s certificate from the GAL. If it considers the certificate valid, you will see a lock icon displayed next to the “To” address like this:

Valid Recipient

If it can’t find a valid certificate for your recipient, you’ll see something more like this:

Invalid Recipient

Sending Encrypted Email Without Exchange

If you are not connecting to Exchange, getting certificates onto your device is a more manual process. If you’ve used S/MIME at all, you’re likely familiar with the “send me a signed email so I can send you an encrypted email” dance. iOS 5 is no exception. In order to send encrypted email to recipients you will need their certificates, and as far as I can tell the only way to make that happen (aside from using Exchange) is through an exchange of signed emails.

Once your desired recipient has sent you a signed email, if the iOS device trusts the certificate used to sign it, you will see their name in the From field appear like this:

Valid Signature

If your device doesn’t trust them, it will look more like this:

Invalid Signature

Click the sender’s name. If they are untrusted, you will see the reason why, along with a “Trust” button that lets you choose to trust this certificate from now on. In either case, you will see a “View Certificate” button. Click it.

View Signer Certificate

Click the “Install” button to install this certificate to your iOS device. Now when you reply to the sender’s email (or send them emails in the future), you will see a lock by their name indicating you will be encrypting the email to that individual.

Hopeful Future Improvements

I’d like to see some improvements. I’m filing bug reports with Apple on each of these items, and I hope others will too.

The first would be an improvement to the signing certificate selection, enabling you to (a) not choose encryption certificates for signing, and (b) make it clear what that selection is for in the first place. The certificate selection option is enabled even when you choose Encrypt, which makes the settings user interface very confusing. (On a related note, on my device I could not see a Key Usage value for any certificate by looking at its details. I have also filed this as a bug.)

The second thing would be a capability to import certificates into the device which does not require Exchange or the signed email dance. I created a configuration profile containing public certificates for every user at my company. Unfortunately, iOS Mail did not have the capability to use these certificates for sending encrypted email. In fact, iOS could not even send me an encrypted email until I first sent the device a signed email and imported it, even though my encryption certificate was on the device being used to read encrypted emails. Hopefully Apple will improve this in a future release.

Lastly, there should be a way to look in the contacts on the device to determine whether or not you have a (valid) encryption certificate for a user. If I am going to leave on a trip but I know I want to interact with a few people using encryption, I won’t know whether I can until I try to send them an email. The Address Book feature on my Mac already has this: it displays a little checkmark next to email addresses I can encrypt to.

Again, please let me know if you have any additional suggestions or feedback by entering a comment below!

This entry was posted on Monday, June 13th, 2011 at 6:08 pm by Peter Hesse and is filed under software, Tutorial Tuesday.