This document specifies the conventions for using Message Authentication Code (MAC) encryption with the Cryptographic Message Syntax (CMS) authenticated-enveloped-data content type. This mirrors the use of a MAC combined with an encryption algorithm that's already employed in IPsec, Secure Socket Layer / Transport Layer Security (SSL/TLS) and Secure SHell (SSH), which is widely supported in existing crypto libraries and hardware and has been extensively analysed by the crypto community. https://datatracker.ietf.org/doc/rfc6476/ I don't know if this is already implemented. It was suggested as a solution for security issue with s/mime lately: "The problem with S/MIME implementations missing integrity protection is serious and we hope that vendors will quickly agree on implementing RFC6476 or something similar. This seems to be the most interesting finding, as it cannot be resolved quickly and it reminds everybody to be careful with contents that can become active as a backchannel or exploit code." http://lists.wald.intevation.org/pipermail/gpg4win-devel/2018-May/001696.html Thanks for your great work!