Then, you gain the ability to sign messages to prove that they come from you, at which point the recipient will receive a message with an attachment. p7s extension and you add it to your e-mail application.
Once you get a certificate, many of which are free from firms like Comodo or InstantSSL, you download a file ending with a. The actual protocol is derived from the PKCS #7 data format, and most email clients support S/MIME. The way this works is with a digital certificate that is issued to you by a trusted authority. The first one is using S/MIME, a very similar method to SSL connections. There are two ways to encrypt or sign messages. Right now, it's fairly annoying and not that obvious to start encrypting all of your messages. So why is it that email encryption isn't more widely used? It would solve all of these problems in one go. That is, if they hadn't already intercepted them on those insecure connections. A FISA court can submit a secret order to Google, Microsoft or Apple, and all your messages will be sent to the government without you ever finding out about it. Of course, even newer emails barely need any kind of judicial process to access. All they need to do is ask, since those messages are no longer yours. This means if you leave messages in your Gmail or Hotmail account, or even on your business hosted Exchange server, they become available for any law enforcement agency without a warrant, or even probable cause. The law governing these things is very old, and the way the US government interprets it means that anything older than 180 days is seen as abandoned. The chance that e-mails can be seen over the wire is not the only issue either. So while your messages may transit over an encrypted link for the last bit of their voyage, the previous connections were likely open for all to see. While SMTP, the protocol used to send mail, also has an encrypted version, most servers do not use it when talking to each other.
At least your user name and password aren't sent in plain text anymore. While early clients would connect to mail servers using POP or IMAP, both of which were plain text by default, now the vast majority of servers support SSL encryption over these protocols. Since the early days of the Internet we've had some improvements in email security. Servers would communicate over insecure links, addresses could be spoofed endlessly, and servers would accept messages from anyone who said HELLO. The mailing system was never designed to be secure or private, with everything being completely open and with no security or authentication whatsoever. Perhaps the most obvious type of communication is email, yet it is also the least secure. People from all walks of life now wonder how much privacy they truly have online and try to find out ways to protect themselves - for the first time in many cases. Ever since the NSA leaks the debate has started once again over privacy, encryption and security.