Is it possible to sign a MIME email (RFC 2822) multiple times using S/MIME, so that all signatures are verifiable and retrievable?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is it possible to sign a MIME email (RFC 2822) multiple times using S/MIME, so that all signatures are verifiable and retrievable?
The S/MIME format supports multiple signatures. S/MIME is, mostly, CMS with Base64 encoding so that it fits in text-only emails. In CMS, whenever there is a signature, there is actually some room for an arbitrary number of signatures, all computed over the main data. Signatures can be verified independently of each other. CMS also supports counter-signatures which a signatures computed over other signatures (what counter-signatures actually guarantee is somewhat unclear).
However, you may have trouble finding an emailing software which supports that. Graphical mail application (e.g. Thunderbird, Outlook Express…) have a single "sign" button and do not support adding multiple signatures. I am not sure of how they react upon receiving such an email either.
Programmatically, this is mostly a matter of using a CMS-aware library which allows you to inspect and create arbitrary CMS objects. Apparently, Bouncy Castle is such a library.