What is a protocol that adds digital signatures and encryption to Internet MIME (Multipurpose
Internet Mail Extensions)?

A.
S/MIME

B.
PGP

C.
SET/MIME

D.
IPSEC

Explanation:
The MIME protocol specifies a structure for the body of an email message. MIME supports a number
of formats in the email body, including graphic, enhanced text and audio, but does not provide
security services for these messages. S/MIME defines such services for MIME as digital signatures
and encryption based on a standard syntax. *Answer IPSEC is incorrect since IPSEC is not an email
protocol but is a standard that provides encryption, access control, nonrepudiation, and
authentication of messages over IP. It is designed to be functionally compatible with IPv6. Answer b
is incorrect because PGP, Pretty Good Privacy, brings security to email through the use of a
symmetric cipher, such as IDEA, to encipher the message. RSA is used for symmetric key exchange
and for digital signatures. PGP is not an augmentation of MIMe. RFC 2440 permits other algorithms
to be used in PGP. In order of preference, they are ElGamal and RSAfor key distribution; triple DES,
IDEAand CAST5 for encryption of messages; DSA and RSA for digital signatures and SHA-1 or MD5 for
generating hashes of the messages. Answer d is incorrect because there is no such protocol. There is
a protocol called SET for Secure Electronic Transaction. It was developed by Visa and MasterCard to
secure electronic bankcard transactions. SET requests authorization for payment and requires
certificates binding a person’s public key to their identity.