I've never heard any claim that MS's s/mime implementation wasn't interoperable, but then I've also never heard any claim that it was.
The real big difference between S/MIME and PGP comes in their trust model. PGP assumes that you trust participating individuals to manage their keys, and there are various mechanisms (keyservers w/ web of trust) implemented by various groups to attempt to partially extend that trust out to larger scope. S/MIME assumes you trust a Certificate Authority to validate the identities of everyone they sell a cert to, and that you can establish the identify of the person you want to correspond with from the contents of the cert. I've never seen S/MIME used where interop or heterogenous environments were to be supported; that seems to be the exclusive domain of PGP. Somehow the trust model of S/MIME hasn't scaled outside of single organizations much that I've seen. If S/MIME offers the features you want and you like its implementation, and if all you want to offer is encrypted email exchange between your users, go for it. If you want your users to be able to exchange encrypted email with people outside your organization, PGP may be a wiser choice. -Bennett
msg05417/pgp00000.pgp
Description: PGP signature
