S/MIME or PGP/MIME?

[Simon Josefsson]

Paul Holman <pablos@kadrevis.com> writes:

> While we're on the topic, here are some of my comments on S/MIME, and
> what we can learn from it:
>
> S/MIME mailer implementations have been riddled with interoperability
> problems and tentative (at best) support from their backers.  While I
> haven't given it a shot in a couple years, I understand that Netscape
> is not actively developing S/MIME support.  Outlook still seems to
> work, but I don't know of any other implementations.

If you have support in Outlook, you don't need anyone else supporting
it. :-)

Seriously, Outlook and Netscape has supported S/MIME for years and
they have a large part of the MUA market.  Very few mailers have had
_integrated_ PGP support until the last year or so.

> 1	Key Propogation
> S/MIME mailers attach the cert to every outgoing message (that is
> signed or encrypted).  Not only that, they notice when a cert is
> attached to incoming messages and add it to the keyring (mixing
> metaphors a bit).

The key can be found using a online lookup service as well, which is
probably more efficient.

> 2	Opportunistic Encryption
> Try sending a message to half a dozen recipients when you only have
> keys for half of them.  S/MIME mailers will encrypt tho those it can,
> and send cleartext to the rest.

I wouldn't call this a feature, but you can do this with PGP/MIME as
well.

> 3	Seamless Integration (My favorite!)
> S/MIME mailers never show you any cyphertext.  They just have little
> icons to indicate when a message was encrypted or verified
> successfully.

Yes, this is probably the main reason why S/MIME is popular.