On Sat, Feb 28, 2004 at 06:36:46AM +0100, Simon Richter wrote: > "corporate" protocol, with a centralized trust structure. It would be no > problem to introduce centralized trust into an OpenPGP WOT (in fact, it > is being done, e.g. by German computer magazine c't, who offer an > OperPGP signing service and have their fingerprint in every issue), and > it would be no problem to introduce a WOT into S/MIME. > In fact, Thawte is doing just that, for free. Their freemail service offers varying levels of assurance, from email-confirmed (i.e. they've confirmed that the holder of a particular key controls an email address) to vetted by multiple WOT "notaries". IMO the standards are more similar than different.
For a "one-off" use of crypto, I'd suggest OpenPGP. For something you wanted to maintain longer term, I'd suggest S/MIME, simply because IMO the client support is superior as is the general infrastructure. FWIW, though, cryptographically they're virtually identical. I'd say I use each 50% of the time, depending on whom I correspond with. The deciding factor for me is usually what my correspondant is savvy enough to use. regards, petard -- If your message really might be confidential, download my PGP key here: http://petard.freeshell.org/petard.asc and encrypt it. Otherwise, save bandwidth and lose the disclaimer. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
