[nycbug-talk] Root certificates on OS X...

Trish Lynch trish
Sun Jul 25 11:20:39 EDT 2004

Hash: SHA1

On Sun, 25 Jul 2004, Bob Ippolito wrote:

> S/MIME, the specification used by CACert, Thawte, etc. and supported in
> stock configurations of popular email clients by such as Mail.app, is
> definitely *NOT* GPG.  Completely different stuff.  GPG is for rings of
> trust, S/MIME is more centralized.  Personally I don't think that GPG
> really has a chance because S/MIME is already so widely adopted, and
> PGP/GPG is well, not.  Probably because PGP is proprietary software and
> GPG is GPL, where S/MIME takes advantage of the machinery that's
> already in OpenSSL and other frameworks that people were already using
> for other things (like encrypted IMAP, POP3, SMTP, HTTP) so licensing
> isn't really an issue.

I would actually have to disagree, IMO, S/MIME is unwieldy and a pain in
the arse, while PGP/GPG and all its tools for us unix folks have been a
round a long time. Its also not hard to get Outlook, Pegasus, or Eudora
users to use PGP.

I see more people signing thier email with PGP/GPG than anything else. I
get on average about 10 out of every hundred emails with a verifiable
OpenPGP signature on it. I don't see that with S/MIME at all.

S/MIME was widely adopted in the clients, and rarely used because of the
time it takes to get a cert signed by VeriSign and/or Thawte. With PGP, I
create a key and have others verify in a ring of trust... I have a pretty
reasonable assumption that all the keys I have imported are verified to be
the user by other people who have also been verified, by people that I
have usually met in person and know well. Its much easier for me to use
OpenPGP than S/MIME.

- -Trish

- -- 
Trish Lynch					   trish at bsdunix.net
Ecartis Core Team 			      trish at listmistress.org
EFNet IRC Operator/SysAdmin @ irc.dkom.at             AilleCat at EFNet
Key fingerprint = 781D 2B47 AA4B FC88 B919  0CD6 26B2 1D62 6FC1 FF16
Version: GnuPG v1.2.2 (FreeBSD)


More information about the talk mailing list