User guide

An S/MIME-enabled application did not use a weak algorithm to generate the digital signatures on the email messages that the device receives.
The certificate chains for the certificates that an S/MIME-enabled application used to digitally sign email messages that the device receives do not contain hash values generated using a weak algorithm.
Data flow: Sending an email message using S/MIME encryption
If a sender installs the S/MIME Support Package for BlackBerry smartphones on a BlackBerry device, the device encrypts
outgoing email messages.
1. The device performs the following actions:
   a. checks the BlackBerry device key store for the S/MIME certificate of the recipient
   b. if the BlackBerry device key store does not include the S/MIME certificate of the recipient, uses the BlackBerry MDS Connection Service to retrieve the S/MIME certificate of the recipient from the LDAP server or DSML server and verify the certificate status
   c. encrypts the email message with the S/MIME certificate of the recipient or a password that the sender specifies
   d. if the sender specifies a password, combines the password with random bytes to generate an encryption key that is specific to S/MIME encryption
   e. uses BlackBerry transport layer encryption to encrypt the S/MIME-encrypted message
   f. sends the message that is encrypted using BlackBerry transport layer encryption and S/MIME encryption to the BlackBerry Enterprise Server
2. The BlackBerry Enterprise Server decrypts the BlackBerry transport layer encryption and sends the S/MIME-encrypted message to the recipient.
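The sender-side decisions in steps a to d can be modelled as follows. This is an added example, not BlackBerry code. The dict-based key store and directory, the function names, the rule that a supplied password takes precedence, and the use of PBKDF2-HMAC-SHA256 to combine the password with random bytes are all assumptions, because the guide does not name the derivation function. Steps e and f (transport layer encryption and sending) are not modelled.

```python
import hashlib
import secrets

# Constructed sample data: address -> (certificate label, status).
# Both stores and every name in them are hypothetical.
KEY_STORE = {"alice@example.com": ("cert-alice", "good")}
DIRECTORY = {
    "bob@example.com": ("cert-bob", "good"),
    "carol@example.com": ("cert-carol", "revoked"),
}


def find_recipient_cert(address, key_store, directory):
    """Steps a and b: device key store first, then directory lookup and status check."""
    if address in key_store:
        return key_store[address][0]
    entry = directory.get(address)  # stands in for the LDAP/DSML retrieval
    if entry is None:
        return None
    cert, status = entry
    if status != "good":
        # A certificate that fails the status check must not be used to encrypt.
        raise ValueError(f"certificate for {address} has status {status!r}")
    return cert


def derive_password_key(password, salt=None, iterations=200_000, length=32):
    """Step d: combine the password with random bytes into an encryption key.

    PBKDF2 is an assumption. The random salt makes the key differ per message
    even when the sender reuses the same password.
    """
    if salt is None:
        salt = secrets.token_bytes(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, length)
    return key, salt


def plan_protection(address, password=None, key_store=KEY_STORE, directory=DIRECTORY):
    """Steps a to d: decide what the S/MIME layer of this message is keyed with."""
    if password is not None:  # assumption: a sender-specified password wins
        key, salt = derive_password_key(password)
        return {"mode": "password", "key": key, "salt": salt}
    cert = find_recipient_cert(address, key_store, directory)
    if cert is None:
        raise LookupError(f"no S/MIME certificate found for {address}")
    return {"mode": "certificate", "cert": cert}
```

The salt is not secret and has to travel with the message so that the recipient, who knows the password, can derive the same key.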
Security Technical Overview Extending messaging security to a device