Should I use S/MIME?

Aleksandar Milivojevic amilivojevic at pbl.ca
Fri Nov 5 16:40:23 CET 2004


Erpo wrote:
> Hello all,
> 
> I just upgraded to Evolution 2.0.2 and there's a new option in the
> Security menu to "S/MIME Sign" my mail. Should I use it?

Well, the main problem I have with S/MIME is the trust relationship that 
you are forced to use if you want it to just work "out-of-the-box". 
You, and all your correspondents, need to buy certificates (or get one 
for free from Thawte, but there are some gotchas about those free ones). 
So basically, instead of choosing who you trust, you are forced to 
trust commercial entities such as Verisign, GlobalSign, and a whole bunch 
of others that are installed as certification authorities in your mail 
client.  Actually, virtually all S/MIME capable mail clients are set up 
to trust them automatically.  It is not all that hard to buy a falsified 
certificate from most of them.  For example, some time ago there was an 
incident when Verisign sold some certificates to somebody pretending to 
be Microsoft Corp, that could be used for code signing.  Who knows how 
many falsified ones were sold to less known names.

Now, the question is, why would you trust any of those corporations? 
Because everybody else trusts them?  Because you are told you should 
trust them?  Neither is a good reason.

On the other hand, with OpenPGP, you are forced to build your trust 
relationships yourself.  Personally, I find the web model of OpenPGP 
more secure and flexible than the hierarchical X.509 model.

Of course, you could also generate and use self-signed certificates. 
But then, you are losing all the advantages of the X.509 model.  Plus, other 
people can't sign your certificate (as they can an OpenPGP key), so it 
makes it even less useful.  You can even create your own CA.  But then, 
your correspondents would have to trust this CA and that you made it 
secure (so that nobody can break into your machine, steal CA keys, and 
falsify certificates with it).

On the technical side, I never liked the fact that the S/MIME signature 
contains the certificate (public key signed by CA) needed to verify the 
signature as part of it.  It makes S/MIME signatures huge in comparison 
to an OpenPGP signature, and most of the time they are a waste of bandwidth 
and disk space (you pretty soon end up with virtually thousands of 
useless copies of other people's certificates stored in your mail 
folders).  On one hand, this is a nice feature.  You don't need to 
obtain your correspondent's certificate beforehand.  You simply extract it 
from the S/MIME signature, check the CA signature on the certificate, and use that 
certificate to verify the signature on the email.  Works nicely if you buy a 
certificate from a trusted CA.  Doesn't work at all in all other cases. 
On the other hand, as I said, you end up wasting your disk space.  Try 
signing a one-line email with S/MIME and with OpenPGP, look at the message 
source, and see the huge difference in size.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
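The size and embedded-certificate point made in the reply above can be checked directly. The script below is an added example, not from the original post or from any mail client; it signs a one-line message with S/MIME using the openssl command line, extracts the certificate that travels inside the signature part, reports how much the message grew, and verifies the signature. A throw-away self-signed certificate stands in for a CA-issued one, and every file name and subject name in it is constructed for the demo; the only assumption is that openssl is in PATH.

```sh
#!/bin/sh
# Added example, not from the original post. Signs a one-line message with
# S/MIME using openssl, then shows (a) that the signature part carries the
# signer's certificate and (b) how much the message grows. A throw-away
# self-signed certificate stands in for a CA-issued one; file and subject
# names are constructed for this demo. Assumes openssl is in PATH.
set -e

# Create a throw-away self-signed certificate and key in directory $1.
make_signer() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=demo-signer" \
        -keyout "$dir/key.pem" -out "$dir/cert.pem" >/dev/null 2>&1
}

# Write a one-line plaintext and its S/MIME-signed form (multipart/signed) into $1.
smime_sign() {
    dir=$1
    printf 'one line of text\n' > "$dir/msg.txt"
    openssl smime -sign -text -in "$dir/msg.txt" \
        -signer "$dir/cert.pem" -inkey "$dir/key.pem" -out "$dir/signed.eml"
}

# Integer ratio: signed message size / plaintext size.
size_ratio() {
    dir=$1
    plain=$(wc -c < "$dir/msg.txt")
    signed=$(wc -c < "$dir/signed.eml")
    echo $((signed / plain))
}

# Number of certificates embedded in the PKCS#7 SignedData of the signature part.
# -pk7out pulls the PKCS#7 blob out of the MIME message; -print_certs lists
# one "subject=" line per certificate found inside it.
embedded_certs() {
    dir=$1
    openssl smime -pk7out -in "$dir/signed.eml" \
        | openssl pkcs7 -print_certs -noout \
        | grep -c '^subject='
}

# Verify the message using the embedded certificate; cert.pem plays the trusted CA.
verify_ok() {
    dir=$1
    if openssl smime -verify -in "$dir/signed.eml" -CAfile "$dir/cert.pem" \
            -out /dev/null >/dev/null 2>&1; then
        echo yes
    else
        echo no
    fi
}

run_demo() {
    dir=$(mktemp -d)
    make_signer "$dir"
    smime_sign "$dir"
    echo "plaintext bytes : $(wc -c < "$dir/msg.txt")"
    echo "signed bytes    : $(wc -c < "$dir/signed.eml")"
    echo "growth factor   : $(size_ratio "$dir")x"
    echo "embedded certs  : $(embedded_certs "$dir")"
    echo "verifies        : $(verify_ok "$dir")"
    rm -rf "$dir"
}

run_demo
```

Running it shows a 17-byte line turning into a multipart/signed message of a couple of kilobytes, with the signer's certificate sitting inside the application/x-pkcs7-signature part; that certificate is what lets a recipient verify without fetching anything, and it is also what gets stored again in every signed message you keep. Note that verification only succeeds here because cert.pem was handed to -CAfile as the trust anchor: with a self-signed certificate nothing in the default CA set vouches for it, which is the "doesn't work at all in all other cases" situation the reply describes.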
More information about the Gnupg-users mailing list