Using S/MIME on iOS


#1

I'm interested in learning how to send encrypted email from iOS. I found this Apple posting (https://support.apple.com/en-us/HT202345) about S/MIME, some of which is opaque to me, specifically the section about the signing certificate: that seems insecure.

I know The Intercept published something about using a GPG platform for organizations ("Exchange Environment") but I'm interested in secure email exchanges between individuals outside a corporate global address list. The easiest option is to simply avoid email and use Signal, but not everyone knows about or uses that platform. I also prefer to avoid commercial email-based platforms like Virtru, though that's very easy to use for senders and for novice recipients (but...is it secure?).

So, with regard to S/MIME, the Apple support posting implies that, if a person is "outside the Exchange Environment" (a good thing, I think), a security certificate must be obtained, and it lists these steps:
1). In a signed message from your intended recipient, tap the sender's address. Invalid signatures have a red question mark to the right of the sender's address. Mail indicates valid signatures with a blue check mark to the right of the sender's address.
2). If the sender's certificate was issued by an unknown certificate authority that doesn't reside within your Exchange environment, tap View Certificate.
3). To install and trust the sender's signing certificate, tap Install.
4). The Install button changes color to red and reads Remove. Tap Done in the upper-right to complete the certificate-installation process.
5). iOS associates this digital certificate with the recipient's email address, allowing for message encryption.

So, since the recipient is outside the "global address list", the certificate will indicate, "Untrusted Signature". How does the sender validate and "trust" the certificate? Is the certificate returned automatically to the sender from any non-recognized sender's email software? Once the certificate has been "trusted", will sender/recipient email from then on be encrypted (either by default or choice) without further aggro?

Thanks,
Keith