Recently, we published a blog post that outlines how strongly committed we are to protecting our customers’ information. A key aspect of our strategy is to expand encryption across all our services. Earlier this month, we announced Office 365 Message Encryption, a new service that allows you to send encrypted mail to anyone. As part of our ongoing focus on encryption, we announced yesterday that we’re bringing S/MIME capability to Office 365 and Exchange Server 2013 Service Pack 1. With this release, customers will have S/MIME support across Outlook, Outlook Web App (OWA), and Exchange ActiveSync (EAS) clients. S/MIME for Outlook and EAS is already available on Exchange Online; S/MIME on OWA is being rolled out, and the rollout is expected to be completed by early April.
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and digital signing of MIME data, and it is defined in a number of Requests for Comments (RFCs): 3369, 3370, 3850, and 3851. S/MIME allows a user to (1) encrypt an email and (2) digitally sign an email, and thus provides cryptographic security services such as authentication, message integrity, and non-repudiation of origin (using digital signatures). It also helps enhance privacy and data security (using encryption) for electronic messaging. You can learn more about S/MIME in this TechNet article.
After S/MIME is enabled, customers who have a hybrid setup of Exchange Online and on-premises Exchange Server 2013 can have their online and on-premises users send S/MIME emails to one another. This means that online and on-premises users will be able to:
- Compose, send, receive, encrypt, and decrypt S/MIME-encrypted email via Outlook, OWA, and Exchange ActiveSync (EAS) clients that support S/MIME.
- Send and receive digitally signed email via Outlook, OWA, and EAS clients.
Let’s look at how this works in OWA.
Using S/MIME in OWA
In OWA, users can choose different options to encrypt the message and/or digitally sign it using S/MIME.
You can select the S/MIME options to encrypt or digitally sign the message when you send a message in OWA.
When a digitally signed S/MIME mail is sent, the receiver sees the valid digital signature on the received message.