Why would I want S/MIME?

[Mark H. Wood]

On Mon, Sep 12, 2016 at 03:10:24PM -0400, Robert J. Hansen wrote:
> > I understand what S/MIME is and that it's probably the easiest crypto
> > solution for most email users. But why would someone comfortable with
> > GnuPG use it?
> 
> There's a subtle point here.  The question isn't whether you're comfortable with GnuPG; the question is whether the people you want to send email to are comfortable with GnuPG.

Indeed, it's like telephones:  for communication to happen, both
parties must have them.

> I use S/MIME literally daily at work.  My co-workers like S/MIME because it's close to an "it just works" solution.  Few of my co-workers have been willing to learn GnuPG.

That echoes my experience.  At work we have a bulk-purchase
arrangement for certificates, so if I need one I just request one and
it magically appears.  OTOH most external correspondents have been
unwilling to pay the price of a certificate, so with those few who
*are* willing to pay the time to learn OpenPGP I use that.  At work,
Mutt (my MUA) is set up with keys for both and some rules to
automatically select the right one for each To: address.

In some workplaces, S/MIME is mandated.  That's another reason. :-)
With all the phishing going on these days, I foresee a wave of
companies issuing policies that unsigned mail seeming to come from a
fellow employee must be reported and then ignored.  Since it's already
easy to just buy certificates, they'll probably mostly go S/MIME.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: </pipermail/attachments/20160913/b1d9d62b/attachment-0001.sig>