[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


"J.H.M. Dassen (Ray)" <jhm@cistron.nl> writes:

> On Tue, Jul 25, 2000 at 13:17:01 +1000, Brian May wrote:
> >> I am actually using mutt but I just discovered that it handle PGP/MIME
> >> (rfc2015) and not S/MIME (rfs2633-4).
> > 
> > What is the difference? I thought that there was only one standard...
> The beauty of standards...
> S/MIME is an older standard based on a hierarchical public key
> infrastructure using certificate authorities (similar to, or perhaps the
> same as for SSL). AFAIK it is not used much outside specific communities;
> Netscape is the only Linux MUA I'm aware of that supports it.

Older and newer.  See <URL:http://www.imc.org/smime-pgpmime.html>.
PGP/MIME and openPGP are relatively new (probably more recent than
S/MIMEv2), but S/MIMEv3 is even newer, I think.

It used to be that it was pretty hard to provide S/MIME in free
software (it relies on the open standards, X.509 and so on, which,
while open, aren't free---and they're also pretty complex).  Nowadays
it shouldn't be: openssl 0.9.5a provides enough support to get going
(and gnus is beginning to provide support---it can sign things,
although you can't do anything else), and there's a reference
implementation of S/MIME v3 available (see the IMC web page above)
under a pretty public domain license (sort of BSD, I think).

There's still the RSA issue (for a couple of months): whatever the
RFCs say, if you want to interoperate with common clients, you need to
do RSA.

> PGP/MIME is based on PGP/GnuPG, with the familiar guerilla-style
> non-hierarchical "web of trust". It is supported by mutt and others.

Yes.  The big disadvantage to PGP/MIME is that getting it actually to
work with Outlook, Netscape, etc., is non-trivial.  For interworking
with people using other operating systems, S/MIME is much easier.

Lots of GNU/Linux clients can do PGP/MIME (or something close).  I'm
surprised I haven't seen more things using the new openssl features to
do S/MIME (so far, gnus seems to be it).  I'm also surprised not to
see anything using the S/MIME freeware library.  Maybe it'll all start
appearing after the RSA patent finally expires?

Reply to: