Digital signatures are normally attached to the message. However, digital signatures can also be detached. A detached signature may be stored and transmitted separately from the message it signs. In an S/MIME message with a detached signature, the signature is calculated over on the entire payload data, in addition to its MIME headers. The default Content-Type for this MIME part is text plain. If signing a Content-Type other than text plain, you must generate a Content-Type header line for the payload. All other MIME headers and boundaries, including those for the detached signature part, are produced by SME/KS.
The characteristics of attached digital signatures in PKCS#7 and S/MIME formats are:
The characteristics of detached digital signatures in PKCS#7 and S/MIME formats are as follows:
PKCS#7: Includes the signature and certificate without the signed data.
RNIF1.1: Uses PKCS#7 and a detached format.
S/MIME2: May include a MIME multipart message consisting of the original data in one segment and a binary format signature or a base64-encoded signature in a second segment.