[plug] [OT] PGP or S/MIME?

Craig Ringer craig at postnewspapers.com.au
Wed Apr 27 17:34:15 WST 2005


On Wed, 2005-04-27 at 16:44 +0800, Timothy White wrote:
> Just asking cause now you can use Gmail with S/MIME. Also, is there
> much difference in how they work? Publish your public key and retain
> your private key?

The crucial difference is that S/MIME is based on X.509 certificates
from a "trusted" certificate authority, where PGP is based on a "web of
trust" generated by signatures among the participants.

S/MIME won't do you much good without a certificate issued from a
certificate authority that most applications consider "trusted" by
default. PGP is easier to get started with, but really requires a
physical meet-up with some "well connected" people to be useful for
verifying your identity to people not familiar with you.

Personally, I find PGP much more useful for most of the communication I
do (usually exchanging passwords, signing mails containing ssh public
keys, etc).

--
Craig Ringer




More information about the plug mailing list