From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/84379 Path: news.gmane.org!not-for-mail From: Rainer M Krug Newsgroups: gmane.emacs.gnus.general Subject: Re: Email encryption with S/MIME or OpenPGP? Date: Thu, 20 Mar 2014 15:44:51 +0100 Message-ID: References: <87ob12gkjs.fsf@gilgamesch.quim.ucm.es> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" X-Trace: ger.gmane.org 1395326763 7084 80.91.229.3 (20 Mar 2014 14:46:03 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Thu, 20 Mar 2014 14:46:03 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M32625@lists.math.uh.edu Thu Mar 20 15:46:11 2014 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1WQeEV-0003vj-FB for ding-account@gmane.org; Thu, 20 Mar 2014 15:46:11 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1WQeDQ-0007Vy-L1; Thu, 20 Mar 2014 09:45:04 -0500 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1WQeDN-0007Vh-Fv for ding@lists.math.uh.edu; Thu, 20 Mar 2014 09:45:01 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtps (TLSv1:AES128-SHA:128) (Exim 4.76) (envelope-from ) id 1WQeDL-0005c4-QZ for ding@lists.math.uh.edu; Thu, 20 Mar 2014 09:45:01 -0500 Original-Received: from mail-wg0-f46.google.com ([74.125.82.46]) by quimby.gnus.org with esmtp (Exim 4.80) (envelope-from ) id 1WQeDK-00013P-CH for ding@gnus.org; Thu, 20 Mar 2014 15:44:58 +0100 Original-Received: by mail-wg0-f46.google.com with SMTP id b13so688596wgh.29 for ; Thu, 20 Mar 2014 07:44:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=from:to:subject:references:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=mPKmaLMrv8MbZcqGwjiGhSVWOeA4ir8HXcm8hI0t5Fc=; b=A6u9IC7qjIJdl1On5Xn8WrW2RguFzaATXFJK78TM+MiBKlpe6Eo+4H+EjtCnBnqyk8 3vzlAn/r+yJK2sw4zIXqT76RzQGGmWXmbYsq6HpmW/jtJoe7tdR8o76oBZwSniZVSsZw UAJv2m0H4VRJ267c1l01iq5tV7P4LHSOX0FcQKNsCgNzOmZKryUeJ0yf6hm+yooAXNlU uBzrT/67hBPgmW85HAQL3dz804WB6xGjFZgFkjXJHQS5sT+Dq5YwDcbnk+G19MfsZqAD ha2MncOb3vrPLhHyvGt6vFkUhRaOL/ZNwqb1ToYW1sY253FZIrGfg01AN7iENgMJw4Qi IVYA== X-Received: by 10.194.206.102 with SMTP id ln6mr8543243wjc.43.1395326692611; Thu, 20 Mar 2014 07:44:52 -0700 (PDT) Original-Received: from Rainers-MacBook-Pro-2.local (arn78-1-88-186-171-7.fbx.proxad.net. [88.186.171.7]) by mx.google.com with ESMTPSA id h9sm5555602wjz.16.2014.03.20.07.44.49 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Mar 2014 07:44:50 -0700 (PDT) In-Reply-To: <87ob12gkjs.fsf@gilgamesch.quim.ucm.es> (Uwe Brauer's message of "Wed, 19 Mar 2014 18:33:43 +0100") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (darwin) X-Spam-Score: -2.9 (--) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:84379 Archived-At: --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Uwe Brauer writes: >>> "Rainer" =3D=3D Rainer M Krug writes: > > > Hi > > At the moment I am using OpenPGP to sign and encrypt my emails, but > > this does not work easily on my iPhone (please tell me otherwise if = it > > does?). > > No it is not, unfortunately. There is no native support and the 3rd > party pkgs are not terrible easy to use, since they are not integrated > with the email reader. One of them is even not gpg conform and it was > impossible to import an old gpg key of mine. > > This was one of the reasons for me to switch to smime. Hm - not nice. I thought there would be an easy option. > > > But the iPhone implements S/MIME encryption. Now what are the > > advantages of using each as a standard signing / encryption? Which > > one is better / safer? I have OpenPGP working via gnus on a Mac and > > am happy with it. > > Both use a-symmetric encryption and are both safe, what is radially > different is the distribution of public keys. Pgp/gpg has a key model in > which you generate your key pair and distribute your public key or > uplaod it to a server. The problem is not safety but authency so in gpg > you hope that your key on the server gets signed but a sufficient amout > of trustworthy people. > > Smime has a hirachical model. There are a couple of organisations with > posses a root certificate in which signed public keys (called > certificates). You typically apply for such a certificate (a process in > which the encryption module of your bowswer generate your private key), > the authority then allows you to download your certificate signed by > their root certificate, confirming usually only the authenticity of your > email address. Thanks - the difference is clear to me.=20 > > > So - what are others using and why? Should I use S/MIME instead? > > > Well it is much easier to use and also easier to convince others to use > it as well, because > > > - It is integrated in your email reader usually.=20 > > - You do not have to generate a key pair for your self. > > - And you do not need to exchange the public keys, they are > automatically included in your signature. > > - it is compatible with the iPhone. Good arguments - but I am using a Mac and the GPG version for the mac does not yet included gpgsm - so I have the option of using the homebrew version, wait, or not use easyPG in GNUS. Cheers, Rainer =20 > > cheers > > Uwe Brauer=20 =2D-=20 Rainer M. Krug email: Rainerkrugsde PGP: 0x0F52F982 --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iQEcBAEBAgAGBQJTKv7nAAoJENvXNx4PUvmC1eMIAOldSOChGEPz5QzMxIPTsiRn WMCBJkj8t18ma/kkJYjwGpHS4r7K33HjIFucyFwiwYo96Wqs23c3fSjnWe7aeSkG c2tKXoe0ofrdUv5FmqFJoDIJpnkR1MAyECIuGmBjOAf55txA6snIu86FpdovhhZp 4erHttXALwhYaSXhjtjs4ncLX7KJBk1FM4wdDvcNvX5MdtS+4WrMPtCHUUw9tPZk eMXQprFj5wv1rA2IGYUF4eh9jwwFU3mz5SmnGFSwQpLwbeDY8H0+2Zx8/jRWqyix JIhp+bqwPfG5/+S7B9IGk7VBi1w7VTJPa2/iPoX5Rknxj0b5C517axM/yQLOx88= =wxLx -----END PGP SIGNATURE----- --=-=-=--