Send Signed Email

There are two ways to send signed or encrypted e-mail:


 * Using PGP (or GPG)
 * Using S/MIME (signing mail with X.509 certificates)

In general, PGP signed mail is most common.

Signed versus Encrypted Mail
Both S/Mime abd PGP allow both encryption as well as signing of mail.


 * Signed mail: Signing of mail helps in determining the authenticity and non-repudition of the mail. The receiver know for certain that it was really send by the sender (and not some fraud), and that the message content was unmodified.


 * Encrypted mail: Encryption of mail helps in keeping the contents confidential. Only the intended receiver can decrypt the message and read the contents.

Trust Model
PGP uses a web of trust, while S/MIME uses a hierarchical trust model.


 * web of trust:you trust a friend, who trust their friends. You may decide if you trust those friends, and perhaps even the friends of those friends.


 * hierarchical trust:There are a few central authorities, and you trust every certificate issued by a certain authorities.

In short, S/MIME (with hierarchical trust) is recommended within an organisation. PGP (with a web of trust) is recommended between users in different organisations.

Compatibility between GPG and S/MIME
There are two way to send PGP-signed mail: in-line PGP and PGP/MIME.

PGP/MIME is not compatible with S/MIME.

Technically, it may be possible to use S/MIME with in-line PGP, but it is unclear if there is any client support for that.