Hans Fugal wrote:
SMIME, at least the cert I got from Thawte, relies on the Web of Trust model too. That's exactly how it works. I guess the exception is that Thawte doesn't let you verify someone untill they're really sure that you are who you say you are.I have to agree with Michael: I use gpg because from where I sit it's the standard. Now, I may have my head in a hole but this is the first time I've even heard of SMIME, but I've been aware of gpg for a long time, and have been using it for quite a while as well.I like the web of trust model a lot more than the third party model, as well. I have very little trust for third parties that are organizations. I have full trust in very few third parties that are individuals - and it comes from knowing them personally and not from some status they have acheived. (indeed, the more popular they are the less I'm likely to trust them) I have control over who I trust in my web of trust. I trust them to be rational about who they trust, and so forth.
SMIME and PGP are really two different implementations of the same concept. They are administered differently, and use different algorithms. In essence they are the same thing, a PKI (Public Key Infrastructure). All of the benefits of PGP are included in SMIME (PKIX) and vice versa. It's understandable that PGP is the de facto standard among geeks, and that's fine. It really does look like SMIME etc. is the de facto standard in the corporate world though. While I say that I have to say also that I'm sure PGP is probably more popular in Europe than in the US.I may be irrational, but I've seen too many faked cop badges in the movies to unequivocally trust third parties. Sorry if this makes no sense because I did no homework into SMIME (too much other homework to do today)...
The SMIME thing is part of the PKI that includes SSL, and the code signing features that Sun, M$, Netscape, and /many/ others use. I'm not sure, but I think I can sign binaries with my cert.
____________________
BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________
List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list
