Christian Barmala wrote:
> I consider PGP more secure than S/MIME, because you have more control over
> each step and you get the source.
Just for the record, there are at least three open source / free
software S/MIME implementations: NSS, OpenSSL, and the S/MIME Freeware
Library (SFL):
http://www.mozilla.org/projects/security/pki/nss/smime/
http://www.kfu.com/~nsayer/encryption/openssl.html
http://www.getronicsgov.com/hot/sfl_home.htm
The problem is not lack of S/MIME source code, the problem is that (to
my knowledge) none of these S/MIME implementations have yet been
packaged for end user use, e.g., by being integrated into an open source
email product, at least to my knowledge.
(The NSS S/MIME toolkit will eventually end up being integrated into
Mozilla. SFL has mainly been used for S/MIMEv3 interoperability testing
with proprietary S/MIME clients like Outlook and Outlook Express. I'm
not as familar with the OpenSSL S/MIME implementation, and don't know
where that implementation might be used.)
Frank
--
Frank Hecker work: http://www.collab.net/
[EMAIL PROTECTED] home: http://www.hecker.org/
