For obvious reasons we're in another spike of "everyone should PGP" discussions - pretty much every direction you look. This always tugs at the back of my mind - why not push S/MIME a bit more?
In my own experience the most common adoption problems with PGP for the uninitiated is getting the software to work where they want it and managing keys (including finding another person's key). Taking this from a push for adoption approach and not "our" ideal solution approaches, consider: - S/MIME is implemented in more places stock - S/MIME has at least one well supported Gmail option in https://www.penango.com/ - S/MIME directories are generally more apt to "just work" for the end-user once setup - S/MIME certificate management is more intuitive for first-timers IMO The two big objections to S/MIME I see more frequently are downloading your certificate from third-party and cost to get certificate. Both problems I think can be more easily solved than the adoption problems (on a wider bases) with PGP. Security and OPSEC failures can be posited between the two solutions at all levels - *shrug* .. So - broadly - why not work on the gaps in getting S/MIME more widely deployed? Why is it so often entirely disregarded? -Ali -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
