Why does S/MIME encryption requires the sender to have a certificate of his own while only the recipient's public key is used?

macos mac email encryption smime

S/MIME encryption uses the recipients public key to encrypt an email. Upon receiving the encrypted message the recipient can decrypt it using the private key associated with the public key that was used for encryption.

Why then does the sender need to have public and private key for his/her email in order to send an encrypted message? At least macOS Monterey does not show the options for singing and encrypting with S/MIME unless I select my email address for sending for which I have a certificate in my keychain.


Solution 1:

It seems this is necessary to make the message readable for the sender in the "Sent box" while still keeping the message encrypted. The system stores the encrypted sent message locally by using the sender's public key and sends it using the recipient's public key. I deleted my own private key from the keychain and indeed the encrypted test message in my sent box became unreadable. Ingenious!

Related

Excel 2010 slow with large sets of data
Inconsistent output of `du` command
Disable PowerShell v2 via GPO
How to easily transfer tabs from one PC to another?
"hostname: command not found" CentOS 8
Does upgrading RAM with different Speed, affect the pc or affect all the RAM?
Grep command inaccurate or bad command? Windows WSL
What is the teleporter and how does it work?
What does the "Threat" stat do?
Do guest passes have an expiration date?
Are there any non-cosmetic penalties for damaging the Regalia?
How to stop an infinite kill command loop in a realm server? [duplicate]