Bennett Todd touched on one of my favorite points of PGP. Infrastructure. In short, PGP allows for fast adoption without much investment in infrastructure to support it.
And as Bennett pointed out, PGP is already widely implemented within many environments. And while encrypted email itself is not widely adopted, those who have adopted it often use PGP. But. As much as I like PGP, there is an issue with it. How do you get a legal copy for your environment? NAI has ceased producing a commercial version. The Personal version is lot licensed for commercial use (and alas, that includes the CKT offshoot - as cool as it is). There was an interesting article (http://www.salon.com/tech/feature/2002/03/27/gnupg/index.html) asking whether GnuPG (http://www.gnupg.org/) can pick up the slack left by NAI's exit. Its possible. But as good as GnuPG is, it does not provide the kind of integration Windows users became accustomed to from NAI's product. Instead, Windows users will have to use a combination of GnuPG and an email client plugin. Since my main desktop environment is Linux (and my email clients usually have built-in GnuPG support), I have not had to figure this out on my own (though I plan to look in to it). I have read claims of perfectly good Windows plugins. And I have seen a few interesting links relating to integrating GnuPG in to various Windows email clients: http://www.gnupg.org/frontends.html http://enigmail.mozdev.org/index.html http://www.jumaros.de/rsoft/gpgshell.html http://www3.gdata.de/gpg/ http://www.winpt.org/ http://www.geocities.com/openpgp/courrier_en.html It might be worth taking a look at these. On Fri, 2002-03-22 at 14:22, Garbrecht, Frederick wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I apologize if this is a hopelessly stupid question, but I don't > really understand the relative merits of using PGP for email > authentication & encryption versus using Microsoft's implementation > of s/mime and digital signatures. I run a small windows network and > would like to begin offering my users some way to authenticate (and > if necessary encrypt) their email. Since we use Outlook pretty > uniformly and Exchange Server, it would seem logical to use the built > in capabilites these products have to provide security. Is there a > reason not to do this and use a third party product ala PGP instead? > I assume the answer has at least partly something to do with the MS > tendency to avoid cross-platform compatibility by not implementing > stuff completely in accord with standards (like they've done with > ipsec), but I'd be interested in hearing from the experts. > Thanks > Fred > > -----BEGIN PGP SIGNATURE----- > Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> > > iQA/AwUBPJuSqLpfJ1+Q9TWkEQKAMACcCmUENdUR8OcJsegbp1ZRlNviiiwAn06V > D/2TySJXUX0qOfFEQ4uFsmXo > =pYUF > -----END PGP SIGNATURE----- > -- .: Paul Hosking . [EMAIL PROTECTED] .: InfoSec .: PGP KeyID: 0x42F93AE9 .: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
