digital envelope
A combination of (a) encrypted content data (of any kind) intended for a recipient and (b) the content encryption key in an encrypted form that has been prepared for the use of the recipient.
Senses
(I)
A combination of (a) encrypted content data (of any kind) intended for a recipient and (b) the content encryption key in an encrypted form that has been prepared for the use of the recipient.
Usage: In IDOCs, the term SHOULD be defined at the point of first use because, although the term is defined in PKCS #7 and used in S/MIME, it is not widely known.
Tutorial: Digital enveloping is not simply a synonym for implementing data confidentiality with encryption; digital enveloping is a hybrid encryption scheme to "seal" a message or other data, by encrypting the data and sending both it and a protected form of the key to the intended recipient, so that no one other than the intended recipient can "open" the message. In PKCS #7, it means first encrypting the data using a symmetric encryption algorithm and a secret key, and then encrypting the secret key using an asymmetric encryption algorithm and the public key of the intended recipient. In S/MIME, additional methods are defined for encrypting the content encryption key.
- IETF RFC 4949 (Internet Security Glossary)Jan 06, 2026RFC 4949 — Internet Security Glossary (Version 2)https://www.rfc-editor.org/rfc/rfc4949.txtRFC 4949 is published by the IETF Trust and marked as "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms for reuse.Source: IETF RFC 4949 (rfc-editor.org).