I have received an email from Daimler that asks for an S/MIME certificate or an PGP key. What does this mean?

Corporate policies at Daimler require secure transmission of confidential information. Classic e-mail does not satisfy this requirement. In order to send and receive this kind of information, additional safeguards are required. For the purpose of email encryption, Daimler supports S/MIME, PGP and SMTP over TLS.

You have received this email because a confidential message is supposed to be delivered to your account. Since we cannot ensure secure delivery with TLS, we ask for a PGP-key or S/MIME-certificate.

What are S/MIME, PGP and SMTP over TLS?

S/MIME, PGP and SMTP over TLS are established standards for encryption of e-mails. S/MIME and PGP are typically integrated into the mail client, while SMTP over TLS is used in communication between mail-servers.
S/MIME (Secure / Multipurpose Internet Mail Extension) is defined by Internet standard RFC 3851. OpenPGP is defined by Internet standards RFC 3156 and RFC 4880.
SMTP over TLS transmits an email through an encrypted channel between sending and receiving mailservers. It only protects confidentiality during transmission and - other than PGP or S/MIME - not the message itself. SMTP over TLS is defined by Internet standard RFC 3207.

What is required for using S/MIME?

Most modern e-mail clients come with built-in S/MIME functionality. Please consult the documentation of your software for details.

S/MIME requires a S/MIME-certificate. The easiest way is to purchase a certificate from a trusted certification authority. All major certification authorities provide such services, e.g. Verisign, Trustcenter, Entrust, GlobalSign, SwissSign, S-Trust, Secorio.

VeriSign provides a comprehensive documentation on how to configure various mail clients for S/MIME.

What is required for using PGP?

Other than S/MIME, PGP requires installation of additional software. PGP Desktop Email is a commercial product provided by Symantec. GnuPG (Linux), Gpg4win (Windows) and GPGTools (MacOS X) are opensource implementations that support OpenPGP.

What is required for using SMTP over TLS?

SMTP over TLS requires configuration changes on the mailservers of the external party and the mailservers at Daimler. Please contact our Service-Desk for details.

Where can I find more information on e-mail encryption?

For german readers, we recommend the whitepapers on security of email published by the German Association of the Automotive Industry (VDA).