Send Signed Email
From Exterior Memory
There are two ways to send signed or encrypted e-mail:
In general, PGP signed mail is most common.
Signed versus Encrypted Mail
Both S/Mime abd PGP allow both encryption as well as signing of mail.
- Signed mail
- Signing of mail helps in determining the authenticity and non-repudition of the mail. The receiver know for certain that it was really send by the sender (and not some fraud), and that the message content was unmodified.
- Encrypted mail
- Encryption of mail helps in keeping the contents confidential. Only the intended receiver can decrypt the message and read the contents.
Trust Model
PGP uses a web of trust, while S/MIME uses a hierarchical trust model.
- web of trust
- you trust a friend, who trust their friends. You may decide if you trust those friends, and perhaps even the friends of those friends.
- hierarchical trust
- There are a few central authorities, and you trust every certificate issued by a certain authorities.
In short, S/MIME (with hierarchical trust) is recommended within an organisation. PGP (with a web of trust) is recommended between users in different organisations.
Compatibility between GPG and S/MIME
There are two way to send PGP-signed mail: in-line PGP and PGP/MIME.
PGP/MIME is not compatible with S/MIME.
Technically, it may be possible to use S/MIME with in-line PGP, but it is unclear if there is any client support for that.
