Full Disclosure mailing list archives
Re: OpenPGP (GnuPG) vs. S/MIME
From: Simon Richter <Simon.Richter () hogyros de>
Date: Sat, 28 Feb 2004 06:36:46 +0100
Hi,
- - cryptographically, it appears more secure (i.e. larger public key sizes possible)
It's not size that matters, but technique. Seriously, both protocols support the same encryption methods and key lengths.
- - it seems to be more widely used
Depending on the community you're looking at.
- - it is easier to use (debateable)
Ease of use is a question of the MUA used.
- - its free
There are also free implementations of S/MIME available.
- - PGP in general is more flexible
No. Basically, the distinguishing mark between both protocols is the trust model implied by it (which is not intrinsic to the protocol, but made by marketing). PGP is the "geek" protocol, anyone can simply generate a key, have it signed by a few people they know and be set. S/MIME is the "corporate" protocol, with a centralized trust structure. It would be no problem to introduce centralized trust into an OpenPGP WOT (in fact, it is being done, e.g. by German computer magazine c't, who offer an OperPGP signing service and have their fingerprint in every issue), and it would be no problem to introduce a WOT into S/MIME. However, there is no incentive to do any of these. Corporations like VeriSign and Deutsche Telekom are making actual money selling certification in a centralized trust model. The rest should be obvious. Technically, the X.509 protocols can do more than OpenPGP. They have, for example, additional attributes on a certificate that specify the fields of use for that key (email, code signing, web services, ...) and whether that key could sign certificates. OpenPGP simply authenticates an entity and makes no assumption or statement about the purpose of the key. So, it's once again a conspiracy backed by evil large corporations that want us all to use S/MIME. :-) Simon -- GPG Fingerprint: 040E B5F7 84F1 4FBC CEAD ADC6 18A0 CC8D 5706 A4B4
Attachment:
signature.asc
Description: Digital signature
Current thread:
- OpenPGP (GnuPG) vs. S/MIME Ben Nelson (Feb 27)
- Re: OpenPGP (GnuPG) vs. S/MIME Tim (Feb 27)
- Re: OpenPGP (GnuPG) vs. S/MIME Kurt Seifried (Feb 27)
- A new look at PGP (WAS: Re: OpenPGP (GnuPG) vs. S/MIME) Harry Hoffman (Feb 27)
- Re: A new look at PGP (WAS: Re: OpenPGP (GnuPG) vs. S/MIME) Troy Solo (Feb 27)
- Re: A new look at PGP (WAS: Re: OpenPGP (GnuPG) vs. S/MIME) gadgeteer (Feb 27)
- Re: Re: A new look at PGP (WAS: Re: OpenPGP (GnuPG) vs. S/MIME) Roy M. Silvernail (Feb 28)
- Re: Re: A new look at PGP (WAS: Re: OpenPGP (GnuPG) vs. S/MIME) gadgeteer (Feb 28)
- Re: OpenPGP (GnuPG) vs. S/MIME Kurt Seifried (Feb 27)
- Re: OpenPGP (GnuPG) vs. S/MIME Tim (Feb 27)
- Re: A new look at PGP (WAS: Re: OpenPGP (GnuPG) vs. S/MIME) Byron Copeland (Feb 27)
- Re: A new look at PGP (WAS: Re: OpenPGP (GnuPG) vs. S/MIME) Harry Hoffman (Feb 28)
- Re: OpenPGP (GnuPG) vs. S/MIME petard (Feb 28)
- Re: OpenPGP (GnuPG) vs. S/MIME martin f krafft (Feb 28)
- <Possible follow-ups>
- Re: OpenPGP (GnuPG) vs. S/MIME Chris Adams (Feb 27)
- Re: Re: OpenPGP (GnuPG) vs. S/MIME petard (Feb 28)
