Security Labels

De Trustedbird Client Wiki
English | Français

> Documentation > Trustedbird > Security Labels > Technical Documentation

This feature is used to add security information in a message which will be used to handle authorizations and access rights.

It implements the security service "security labels" defined in RFC 2634 Enhanced Security Services for S/MIME. A security label is a set of security information regarding the sensitivity of the content that is protected by S/MIME encapsulation.

A security label is composed of:

  • Security Policy Identifier
  • Security Classification (optional)
  • Privacy Mark (optional)
  • Security Categories (optional)

Additional resources:


This feature is integrated in Trustedbird 2 and 3.1.


In order to define your own security policy, edit or add a new XML file (based on this XML Schema) in securityLabel folder in your profile directory.

Security policy example:

<?xml version="1.0" encoding="UTF-8"?>
<!-- ESS Security Label policy definition example -->

	Security Policy Identifier
		value (attribute) [OID]
		label (attribute) [string]: displayed name of the policy
	<securityPolicyIdentifier value="1.2.840.113549." label="default" />
	Security Classification
		valueDisplayed (attribute) [boolean]: decide if value is displayed or only label
		item (element):
			value (attribute) [integer]: must be in 0 - 256 range
			label (attribute) [string]: displayed name
	<securityClassification valueDisplayed="true">
		<item value="0" label="unmarked" />
		<item value="1" label="unclassified" />
		<item value="2" label="restricted" />
		<item value="3" label="confidential" />
		<item value="4" label="secret" />
		<item value="5" label="top-secret" />
	Privacy Mark
		freeText (attribute) [boolean]: define if free text if allowed
		item (element): add a predefined privacy mark
			value (attribute) [string]: displayed text and value of the privacy mark
	<privacyMark freeText="true">
		<item value="NOCONTRACTOR" />
		<item value="NOFORN" />
		<item value="保密" />
		<item value="प्रतिबंधित/सीमित" />
	Security Categories
		securityClassificationValue (attribute) [integer]: specify that these categories apply only to this classification
		item (element): category
			oid (attribute) [OID]: type of the category
			type (attribute) [integer]: data type of value attribute (1 for UTF-8 string, 2 for integer)
			value (attribute) [string]: text of the category
			label (attribute) [string]: displayed name of the category

	<!-- For all Security Classification -->
		<item oid="" type="1" value="private" label="Private" />
		<item oid="" type="1" value="EU Protected Information" label="Protected Information" />
	<!-- Only for Security Classification 4 -->
	<securityCategories securityClassificationValue="4">
		<item oid="" type="1" value="EYES ONLY" label="EYES ONLY" />
		<item oid="1.2.398.5" type="1" value="EU do not print" label="DO NOT PRINT" />
		<item oid="1.2.398.5" type="1" value="FR do not print" label="Ne pas imprimer" />
	<!-- Only for Security Classification 5 -->
	<securityCategories securityClassificationValue="5">
		<item oid="1.2.324.74" type="1" value="NATO CONFIDENTIAL" label="NATO CONFIDENTIAL" />
		<item oid="1.2.324.75" type="1" value="NATO RESTRICTED" label="NATO RESTRICTED" />
		<item oid="" type="1" value="高度機密" label="top-secret" />
		<item oid="" type="2" value="57" label="a" />
		<item oid="" type="2" value="6000" label="b" />
		<item oid="" type="1" value="6000" label="c" />


Trustedbird 3.1 (based on Thunderbird 3.1)

Compose window




Compose Info


View and sort messages with the security classification column


Message security info


Trustedbird 2 (based on Thunderbird 2)