We've been working on this S/MIME implementation guide for some time so it's great to finally blog post it!

S/MIME provides open, interoperable protocols that allow compliant software to exchange messages that are protected with digital signatures and encryption. S/MIME requires that each sender and recipient have an X.509-format digital certificate, so public-key infrastructure (PKI) design and deployment is a major part of S/MIME deployment. This paper describes the S/MIME protocol, explains your options for obtaining, installing, and using certificates; describes different methods of certificate storage and their attributes; and describes how you can use S/MIME to protect messages sent from, and received by, Windows Mobile devices. The information and instructions in this paper are applicable to Windows Mobile 5.0 and Windows Mobile 6 devices and to users whose mailboxes are hosted on Exchange Server 2003 and Exchange Server 2007.