[nycbug-talk] Root certificates on OS X...
trish at bsdunix.net
Sun Jul 25 11:20:39 EDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Sun, 25 Jul 2004, Bob Ippolito wrote:
> S/MIME, the specification used by CACert, Thawte, etc. and supported in
> stock configurations of popular email clients by such as Mail.app, is
> definitely *NOT* GPG. Completely different stuff. GPG is for rings of
> trust, S/MIME is more centralized. Personally I don't think that GPG
> really has a chance because S/MIME is already so widely adopted, and
> PGP/GPG is well, not. Probably because PGP is proprietary software and
> GPG is GPL, where S/MIME takes advantage of the machinery that's
> already in OpenSSL and other frameworks that people were already using
> for other things (like encrypted IMAP, POP3, SMTP, HTTP) so licensing
> isn't really an issue.
I would actually have to disagree, IMO, S/MIME is unwieldy and a pain in
the arse, while PGP/GPG and all its tools for us unix folks have been a
round a long time. Its also not hard to get Outlook, Pegasus, or Eudora
users to use PGP.
I see more people signing thier email with PGP/GPG than anything else. I
get on average about 10 out of every hundred emails with a verifiable
OpenPGP signature on it. I don't see that with S/MIME at all.
S/MIME was widely adopted in the clients, and rarely used because of the
time it takes to get a cert signed by VeriSign and/or Thawte. With PGP, I
create a key and have others verify in a ring of trust... I have a pretty
reasonable assumption that all the keys I have imported are verified to be
the user by other people who have also been verified, by people that I
have usually met in person and know well. Its much easier for me to use
OpenPGP than S/MIME.
Trish Lynch trish at bsdunix.net
Ecartis Core Team trish at listmistress.org
EFNet IRC Operator/SysAdmin @ irc.dkom.at AilleCat at EFNet
Key fingerprint = 781D 2B47 AA4B FC88 B919 0CD6 26B2 1D62 6FC1 FF16
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)
-----END PGP SIGNATURE-----
More information about the talk