[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Verifying signed mail in Gnus
|
From: |
Björn Bidar |
|
Subject: |
Re: Verifying signed mail in Gnus |
|
Date: |
Wed, 02 Nov 2022 22:52:47 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Uwe Brauer <oub@mat.ucm.es> writes:
> 1. The public key interchange is so much simpler (but see below
> risks), since the public key is always embedded in your signature
There are movement on going to improve that notably autocrypt. The only
downside is that email clients in general aren't that good or good to
adapt to new standards.
> 2. SMIME support is basically shipped in most MTA, moreover the key
> generation is also much simpler for newbies.
What I see quite often that PKCS#11 is not always implemented in all
programs that use similar certificates as SMIME where as for pgp it was
never an issue to use hardware tokens since most programs us gpg.
> 3. IF you have the all the relevant CAs installed (which might not
> always be the case), the authentification is done automatically,
> for GNU/Linux for example by the ggpsm program which is used
> usually by emacs.
I think that is also possible with pgp but it depends on your pgp
program and your email program. Clients such as Kmail can do these
things automatically I think.
> 4. Some government agencies already provide SMIME keys for their
> residents, for example Spain.
Some governments or agencies support pgp, quite often security researchs
offer it.
In Germany some of parts justice system support pgp, although I haven't
seen them distribute their keys on a keyserver.
Br,
Björn