S/MIME - what is the difference between a certificate and a public key ?

Discussion in 'iOS 8' started by detlefs, Sep 27, 2014.

  1. detlefs macrumors newbie

    Joined:
    Sep 27, 2014
    #1
    I have some basic questions about S/MIME certificates created with the Keychain Access Certificate Assistant and about certificates and keys needed for email encryption and signing.

    3 facts:

    1. If one creates an email S/MIME certificate with the Keychain Access Certificate Assistant 3 files are created.
    a. Certificate
    b. Private key
    c. Public key

    2. If one exports the Certificate (a) or the Private key (b) as a p12 file and imports this p12 into Keychain Access of another iMac only the Certificate (a) and the Private key (b) are created. The public key (c) is not created during this import.

    3. When signing an email a certificate is send. The receiver of the certificate can use this certificate to send encrypted emails.

    Questions:
    1. People always talk about exchanging public keys to enable sending encrypted emails. Is the certificate the same as a public key ?

    2. The Certificate Assistant created a Public key (c).
    a. What is it for ? Is it needed for signing and/or encrypting emails ?
    b. What is the difference between this Public key (c) and the Certificate (a) ?
     
  2. detlefs thread starter macrumors newbie

    Joined:
    Sep 27, 2014
    #2
    Regarding question 2a. Is the Keychain Access Certificate Assistant created public key (c) required for signing and encrypting/decrypting emails?

    Answer: No, it is not required.

    I created a new S/MIME certificate with the Keychain Access Certificate Assistant and then immediately deleted the public key. I then send a signed email to my iPad and installed the certificate. I was then able to send an encrypted email and read the encrypted email on my iMac.

    The public key in Keychain Access must be for a function other than email.
     

Share This Page