Apple-Mail set S/MIME algorithm
https://apple.stackexchange.com/questions/214534
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Apple-Mail uses DES-EDE3-CBC and SHA1 for new S/MIME-messages. Nowadays, both algorithms are considered as VERY WEAK and probably crackable by security agencies ore even large botnets. Is it somehow possible to force Apple Mail to use something more secure like AES-CBC and SHA2?
Solution
There appears to be no public default or setting to adjust the algorithm used by Mail – at least as of OS X 10.11.
Augment or Switch Your Mail Client
Consider using a third party tool like gpgtools to augment your e-mail security:
GPG for Mail is an open source plugin for Apple Mail. Encrypt, decrypt, sign and verify mails using OpenPGP with a few simple clicks.
Alternatively, consider switching to another e-mail client that better addresses your security concerns.
Tell Apple
Be sure to provide feedback about your concerns directly to Apple via Mail feedback. Every report helps justify the engineering time.
You may also find the CSDA mailing list useful for reaching the involved Apple engineers.
