Software AG Products 10.7 | Integrating On-Premises and Cloud Applications | Managing MIME messages | Overview of MIME and S/MIME Messages | What Is S/MIME? | Digital Signatures | Explicit and Implicit Signatures
 
Explicit and Implicit Signatures
There are two types of digital signatures: explicit signatures and implicit signatures.
An explicit signature is appended as a separate body part to the end of a MIME message. This format is sometimes referred to as the clear-signing or detached-signature format. When a MIME entity contains an explicitly signed message, its Content-Type header field is set to “multipart/signed.” This field also specifies the protocol and message-integrity algorithm (micalg) used to produce the signature.
Integration Server uses the “pkcs7-signature” protocol and the “SHA-1” integrity algorithm.
Note:Integration Server automatically sets the Content-Type header field when you sign a message using the S/MIME services. Your service does not need to do this.
The following is an example of an explicitly signed MIME message. Notice that the message has two body parts: the first part contains the payload; the second part contains the signature.
An explicitly signed message
A message can also be implicitly signed. When you use this technique, the message is encoded within the signature block, thus preventing the message from being extracted or read unless the signature is processed by a PKCS-enabled recipient. For this reason, explicit signatures are preferred because they also make the message available to non-PKCS recipients.
When a MIME entity contains an implicitly signed message, its Content-Type header field is set to “application/pkcs7-mime.”
The following is an example of a text message that has been implicitly signed. As you can see, the text of the message is not visible.
An implicitly signed message