felixfbecker | 1 year ago

I personally think S/MIME is better than PGP. The "key exchange problem" is solved in a more pragmatic and user-friendly way (send an unencrypted but signed email once, your/their client will automatically remember keys for encryption afterwards). And most pre-installed email clients support S/MIME natively (e.g. Apple Mail, Outlook, even the web email apps).

The only annoyance is that it's too difficult to acquire a certificate as an individual, but e.g. Actalis [1] will issue one for free.

[1] https://www.actalis.com/s-mime-certificates.aspx

Avamander | 1 year ago

Apple Mail's implementation was broken for years; it silently failed to encrypt messages (CVE-2023-40440). It also still can't properly sign letters with attachments.

None of these implementations handle RSA-PSS signatures either, and the standards basically forbid double-signing that would allow gradual migration to better algorithms. (This issue also exists with PGP/GPG.)

Actalis is nice for testing but they unfortunately generate your private key for you instead of accepting your CSR. (Protonmail has the same issue with PGP.)

But it is better in a bunch of other aspects, including tooling, yes.