Should I use S/MIME?
Aleksandar Milivojevic
amilivojevic at pbl.ca
Fri Nov 5 16:40:23 CET 2004
Erpo wrote:
> Hello all,
>
> I just upgraded to Evolution 2.0.2 and there's a new option in the
> Security menu to "S/MIME Sign" my mail. Should I use it?

Well, the main problem I have with S/MIME is the trust relationship that
you are forced to use if you want it to just work "out-of-the-box".
You, and all your correspondents, need to buy certificates (or get one
for free from Thawte, but there are some gotchas about those free ones).
So basically, instead of choosing who you trust, you are forced to
trust commercial entities such as Verisign, GlobalSign, and a whole bunch
of others that are installed as certification authorities in your mail
client. Actually, virtually all S/MIME capable mail clients are set up
to trust them automatically. It is not all that hard to buy a falsified
certificate from most of them. For example, some time ago there was an
incident when Verisign sold some certificates to somebody pretending to
be Microsoft Corp, that could be used for code signing. Who knows how
many falsified ones were sold to less known names.

Now, the question is, why would you trust any of those corporations?
Because everybody else trusts them? Because you are told you should
trust them? Neither is a good reason.

On the other hand, with OpenPGP, you are forced to build your trust
relationships yourself. Personally, I find the web model of OpenPGP
more secure and flexible than the hierarchical X.509 model.

Of course, you could also generate and use self-signed certificates.
But then, you are losing all the advantages of the X.509 model. Plus, other
people can't sign your certificate (as they can an OpenPGP key), so it
makes it even less useful. You can even create your own CA. But then,
your correspondents would have to trust this CA and that you made it
secure (so that nobody can break into your machine, steal CA keys, and
falsify certificates with it).

On the technical side, I never liked the fact that an S/MIME signature
contains the certificate (public key signed by CA) needed to verify the
signature as part of it. It makes S/MIME signatures huge in comparison
to OpenPGP signatures, and most of the time they are a waste of bandwidth
and disk space (you pretty soon end up with virtually thousands of
useless copies of other people's certificates stored in your mail
folders). On one hand, this is a nice feature. You don't need to
obtain your correspondent's certificate beforehand. You simply extract it
from the S/MIME signature, check the CA signature on the certificate, and use that
certificate to verify the signature on the email. Works nicely if you buy a
certificate from a trusted CA. Doesn't work at all in all other cases.
On the other hand, as I said, you end up wasting your disk space. Try
signing a one-line email with S/MIME and with OpenPGP, look at the message
source, and see the huge difference in size.

--
Aleksandar Milivojevic <amilivojevic at pbl.ca>
Systems Administrator, Pollard Banknote Limited
1499 Buffalo Place, Winnipeg, MB R3T 1L7
Tel: (204) 474-2323 ext 276
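The two trust models contrasted in the message above, as an added example that is not part of the original post or of any mail client's code: a toy Python model in which signatures are plain (signer, subject) edges assumed to verify, so no real cryptography is performed. The hierarchical half walks an issuer chain back to a set of roots the client ships; the web-of-trust half applies the classic GnuPG validity rule (one fully trusted signer, or three marginally trusted signers, within a certificate depth of five, which are gpg's default `--completes-needed`, `--marginals-needed` and `--max-cert-depth` values) using owner trust the user assigns. All names (Example Root CA, Home-grown CA, alice, bob, ...) are constructed placeholders.

```python
"""Toy comparison of hierarchical (X.509/S-MIME) trust and OpenPGP web of trust.

Added example, not the original post's code. No signatures are actually checked:
a (signer, subject) pair is taken to be a valid signature by construction.
"""
from typing import Dict, Iterable, List, Optional, Set, Tuple

# --- Hierarchical model: trust anchors are chosen by the mail client vendor ---

# Constructed sample data (hypothetical CAs and users, not real entities).
SHIPPED_ROOTS: Set[str] = {"Example Root CA", "Another Root CA"}
ISSUED_BY: Dict[str, str] = {
    "alice": "Example Intermediate CA",          # bought from a shipped CA
    "Example Intermediate CA": "Example Root CA",
    "selfsigned-user": "selfsigned-user",        # self-signed certificate
    "bob": "Home-grown CA",                      # issued by a private CA
    "Home-grown CA": "Home-grown CA",            # private CA root, self-signed
}


def x509_chain_trusted(subject: str, issued_by: Dict[str, str],
                       trusted_roots: Set[str], max_depth: int = 10) -> Optional[List[str]]:
    """Return the chain [subject, ..., root] if it ends at a trusted root, else None."""
    chain = [subject]
    current = subject
    for _ in range(max_depth):
        if current in trusted_roots:
            return chain
        issuer = issued_by.get(current)
        # Unknown issuer, or self-signed without being a trust anchor: no path to trust.
        if issuer is None or issuer == current:
            return None
        chain.append(issuer)
        current = issuer
    return None  # chain longer than max_depth


# --- Web of trust: the user decides who may introduce keys to them ---

MY_KEY = "me"
# Owner trust is assigned by the user, key by key (constructed values).
OWNER_TRUST: Dict[str, str] = {"alice": "full", "bob": "marginal",
                               "carol": "marginal", "dave": "marginal"}
# (signer, signed key) pairs, i.e. key signatures found on the keyring (constructed).
SIGNATURES: List[Tuple[str, str]] = [
    (MY_KEY, "alice"), (MY_KEY, "bob"), (MY_KEY, "carol"), (MY_KEY, "dave"),
    ("alice", "erin"),                                   # one fully trusted signer
    ("bob", "frank"), ("carol", "frank"), ("dave", "frank"),  # three marginals
    ("bob", "grace"), ("carol", "grace"),                # only two marginals
    ("erin", "heidi"),                                   # erin is valid but has no owner trust
]


def wot_validity(my_key: str, signatures: Iterable[Tuple[str, str]],
                 owner_trust: Dict[str, str], completes_needed: int = 1,
                 marginals_needed: int = 3, max_depth: int = 5) -> Set[str]:
    """Return the set of keys considered valid under the classic GnuPG rule."""
    signatures = list(signatures)
    valid = {my_key}  # your own key is ultimately trusted
    candidates = {signed for _, signed in signatures}
    for _ in range(max_depth):  # each round adds one level of certificate depth
        newly: Set[str] = set()
        for key in candidates - valid:
            full = marginal = 0
            for signer, signed in signatures:
                if signed != key or signer == key or signer not in valid:
                    continue  # self-signatures and signatures from invalid keys do not count
                trust = "full" if signer == my_key else owner_trust.get(signer, "none")
                if trust == "full":
                    full += 1
                elif trust == "marginal":
                    marginal += 1
            if full >= completes_needed or marginal >= marginals_needed:
                newly.add(key)
        if not newly:
            break
        valid |= newly
    return valid


if __name__ == "__main__":
    for who in ("alice", "selfsigned-user", "bob"):
        print(f"X.509 {who}: {x509_chain_trusted(who, ISSUED_BY, SHIPPED_ROOTS)}")
    # Trusting your own CA only helps once every correspondent adds it as a root.
    print("X.509 bob with Home-grown CA added:",
          x509_chain_trusted("bob", ISSUED_BY, SHIPPED_ROOTS | {"Home-grown CA"}))
    print("OpenPGP valid keys:", sorted(wot_validity(MY_KEY, SIGNATURES, OWNER_TRUST)))
```

The contrast the post draws shows up directly in the data: in the hierarchical half the only variable the user controls is the root set, so a self-signed or home-grown-CA certificate is rejected until every correspondent edits that set, while in the web-of-trust half removing a single owner-trust assignment (dave's marginal trust, say) silently drops frank below the threshold, which is exactly the per-correspondent decision the author prefers to make himself.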