User guide

Extending messaging security using S/MIME encryption
You can extend messaging security for the BlackBerry Enterprise Solution and permit a BlackBerry device user to send and
receive S/MIME-protected email messages and S/MIME-protected PIN messages on a
BlackBerry device.
To extend messaging security, you or the device user must install the S/MIME Support Package for BlackBerry
smartphones on the device and transfer the S/MIME private key of the device user to the device. The S/MIME Support
Package for BlackBerry smartphones is designed to work with email applications such as Microsoft Outlook, Microsoft
Outlook Express, and IBM Notes, and with PKIs such as Netscape, Entrust Authority Security Manager version 5 and later,
and Microsoft certification authorities.
The device user uses the S/MIME private key to decrypt S/MIME-protected messages on the device and to sign, encrypt,
and send S/MIME-protected messages from the device. If the BlackBerry Enterprise Server receives an S/MIME-encrypted
message but the device user did not install the S/MIME Support Package for BlackBerry smartphones, the BlackBerry
Enterprise Server sends a message to the device to indicate that the device does not support S/MIME-encrypted messages.
After the device user installs the S/MIME Support Package for BlackBerry smartphones, the device user can synchronize
and manage S/MIME certificates and S/MIME private keys using the certificate synchronization tool of the BlackBerry
Desktop Manager. The BlackBerry Enterprise Server does not apply an appended disclaimer to S/MIME-protected
messages that the device user sends from the device. Digital signatures on S/MIME-protected messages that the device
sends are not valid if disclaimers are appended to the messages.
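
The effect of an appended disclaimer on a signature can be reproduced with the openssl command-line tool standing in for the BlackBerry software. This is an added example, not part of the original guide; the key, certificate, message text and disclaimer line are all constructed.

```shell
#!/bin/sh
# Added example: key, certificate, message and disclaimer are constructed here.

# Check the S/MIME signature over the content. -noverify skips only the
# certificate chain check (the constructed certificate is self-signed);
# the signature over the message content is still verified.
smime_sig_ok() {
    openssl smime -verify -noverify -in "$1" -out /dev/null 2>/dev/null
}

smime_disclaimer_demo() {
    work=$(mktemp -d) || return 2
    # Throwaway signing key and self-signed certificate (placeholder subject).
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed Sender" \
        -keyout "$work/key.pem" -out "$work/cert.pem" 2>/dev/null \
        || { rm -rf "$work"; return 2; }

    printf 'Quarterly numbers attached.\n' > "$work/body.txt"
    # Clear-signed (multipart/signed) message: body part plus detached signature.
    openssl smime -sign -text -in "$work/body.txt" \
        -signer "$work/cert.pem" -inkey "$work/key.pem" \
        -out "$work/signed.eml" 2>/dev/null \
        || { rm -rf "$work"; return 2; }

    # What a server-side disclaimer does: add a line to the signed body part.
    awk '{ print }
         /^Quarterly numbers attached/ { print "This e-mail is confidential." }' \
        "$work/signed.eml" > "$work/appended.eml"

    if smime_sig_ok "$work/signed.eml"; then original=valid; else original=invalid; fi
    if smime_sig_ok "$work/appended.eml"; then appended=valid; else appended=invalid; fi
    rm -rf "$work"
    echo "original=$original appended=$appended"
}

smime_disclaimer_demo
```

The signature covers a digest of the body part, so any text added after signing makes verification fail at the recipient.
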
To require the device user to use S/MIME encryption when forwarding or replying to messages, you can configure the
S/MIME Force Digital Signature IT policy rule and the S/MIME Force Encrypted Messages IT policy rule.
The S/MIME Support Package for BlackBerry smartphones is also designed to support the following features:
- encoding and decoding of Unicode messages
- ability to use a password, which the sender and recipient each know, to encrypt S/MIME-protected email messages or PIN messages
- ability to read S/MIME certificates that are stored on a smart card
S/MIME certificates and S/MIME private keys
The S/MIME Support Package for BlackBerry smartphones uses public key cryptography with S/MIME certificates and
S/MIME private keys to encrypt and decrypt email messages and PIN messages. The S/MIME Support Package for
BlackBerry smartphones uses PKI protocols to search for and retrieve S/MIME certificates and certificate status over the
wireless network.
Security Technical Overview Extending messaging security to a device