SMIME vs PGP
Janusz A. Urbanowicz
alex at bofh.net.pl
Wed Feb 6 23:32:46 CET 2008
On Wed, Feb 06, 2008 at 03:28:49PM -0600, SeidlS at schneider.com wrote:
> I am not a encryption expert, and need some help from the GnuPG user group.
That's why we are here.
> We have a new software product that has the capability of encrypting
> documents using SMIME. How common is SMIME and used outside of email
> clients? Is it compatible with the OpenPGP standard, and thus GnuPG? Is
> there a good website discussing the differences between the two standards?
S/MIME is a PKI (as in X.509 standard) counterpart of some subset of
OpenPGP standard (as defined in RFC 4880).
OpenPGP defines a way to sign, encrypt and then format data for
transmission or storage. Another standard, PGP/MIME, defines a way to
ue OpenPGP capabilities within e-mail. OpenPGP uses its own format of
keys with its own way how to decide to trust them.
S/MIME is based on X.509 certificates (with its hierarchy of trust),
and specifies only a way to sign and/or encrypt data within e-mail
based MIME structure. A counterpart just to encrypt random data is
called CMS (Cryptographic Message Syntax). S/MIME was based on PKCS#7,
now is based on CMS (which was developed after first version of
S/MIME), which now positions CMS as PKI counterpart to OpenPGP.
To muddy waters further, there are other PKI based-standards, like
XML-DSIG which aren't compatible with CMS or OpenPGP.
GNU Privacy Guard 1.x talks only OpenPGP. GNU Privacy Guard 2.x talks
OpenPGP and S/MIME, I'm not sure if it talks plain CMS.
> This document, and any attachments therein, contains proprietary and
> confidential information that may not be disclosed without the prior
> written permission of Schneider National, Inc. and its subsidiaries.
> Unauthorized use or misuse of this information and its contents is strictly
> prohibited. Schneider National, Inc. vigorously protects its rights.
This is a stupid footer to attach while posting to public mailing list.
JID: alex at hell.pl
od zwracania uwagi na detale są lekarze, adwokaci, programiści i zegarmistrze
More information about the Gnupg-users