| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <403FC36E.2010308@venom600.org> From: lists at venom600.org (Ben Nelson) Subject: OpenPGP (GnuPG) vs. S/MIME -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'd like to open a discussion about PGP vs. S/MIME . I've been pondering secure (or at least verifiable) mail lately and I see these two standards as the main options available at this point. It seems to me that PGP is the better of the two options because: - - cryptographically, it appears more secure (i.e. larger public key sizes possible) - - it seems to be more widely used - - it is easier to use (debateable) - - its free - - PGP in general is more flexible I've read a bit of information comparing the two, but it is all pretty old (mostly pre-2000). So, I may be operating under some false assumptions. Also, since PGP seems to be in wider use, why do fewer MUA's support it out of the box? To add PGP support to many of the more common MUA's in use, a 3rd party application needs to be used. While S/MIME support seems to be included into a lot of common MUA's. Is this because of licensing issues with commercial PGP? Or is including S/MIME support just easier, so developers include it out of convenience. Thoughts? - --Ben -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAP8Nu3cL8qXKvzcwRAg8/AKC2Zjb0sx18iS1un5xbRc/QK2qNDACgq5rG X/yTyupNhwe8ShhkJU1Tp38= =WpF2 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists