2

I am wondering why is there a need for two secure email standards. If I am not completely wrong, nowadays PGP and SMIME essentially provide more or less the same functionality.

In the past, the difference was that PGP build on a web of trust, whereas SMIME always used a third trusted party. But in the meantime I think you can configure also PGP also with a CA. Further, PGP was intended to just encrypt plain mail messages while SMIME could also decrypt attachments. But in the meantime I am sure PGP can do the same.

So the question is: Is there any difference between these two protocols?

Many thanks, Andrew

Andrew
  • 77
  • 2
  • 3
  • Dude all of these posts belong on Serverfault.com – rook Feb 10 '11 at 01:45
  • @Rook not at all. This question could go to superuser.com, if it didn't have relation to programming, but it might be as well a perfect programming-related question (depending on what the OP is asking this for). – Eugene Mayevski 'Callback Feb 10 '11 at 06:29

1 Answers1

3

OpenPGP is data encryption and signing standard. It's use in securing e-mails is called (Open)PGP/MIME and it is a combination of OpenPGP and MIME. PGP/MIME is not widely used nowadays. S/MIME on the other hand is supported by most mail clients and mail processing applications.

The problem with S/MIME is a non-trivial procedure to obtain certificates for e-mail signing. From this point of view PGP/MIME is more handy (at least or occasional uses).

Just a note: our SecureBlackbox product offer support for all of the above mentioned technologies, so I have extensive experience with them.

Eugene Mayevski 'Callback
  • 45,135
  • 8
  • 71
  • 121
  • @Andrew StackOverflow works in the way that you say "thank you" by upvoting the answer(s). BTW your other question also needs some upvoting - there were great answers given there. – Eugene Mayevski 'Callback Feb 10 '11 at 06:30