Secure/Multipurpose Internet Mail Extensions (S/MIME) and RM have both overlapping as well as complementary features when compared side-by-side. Most organizations would find that neither solution fulfills all their security requirements and business functionality when deployed alone. In general, S/MIME adds public key encryption and support for digital signatures to Multipurpose Internet Mail Extensions (MIME). S/MIME provides two core pieces of functionality: digital signatures and encryption. RM provides similar encryption functionality end to end, but it enhances this functionality through policy enforcement and content permissions. Table 12-1 compares the properties and features that distinguish S/MIME digital signing, S/MIME encryption, and IRM.
Feature | S/MIME Signing | S/MIME Encryption | IRM |
---|---|---|---|
Authenticates the sender and provides nonrepudiation of message | Yes | No | No |
Authenticates the recipient | No | Yes | Yes |
Allows two-factor authentication | Yes | Yes | No |
Can encrypt content | No | Yes | Yes |
Prevents content tampering | Yes | Yes | Yes |
Offers content expiration | No | No | Yes |
Controls content reading, forwarding, saving, modifying, or printing by recipient | No | No | Yes |
Differentiates permissions by recipient | No | No | Yes |
Supported by Office 2003 and Exchange Server 2003 | Yes | Yes | Yes |
Access mail through Microsoft Outlook Web Access | Yes (Exchange Server 2003 only) | Yes (Exchange Server 2003 only) | Yes (Windows IE only) |
Supports large RSA key sizes and pluggable algorithms | Yes | Yes | No |
Cross-platform interoperability | Yes | Yes | No |
Message size compression | No | No | Yes |