On Sep 9, 2013, at 9:07 PM, John Levine <johnl@xxxxxxxxx> wrote: > Yes, and no. PGP and S/MIME each have their own key distribution > problems. With PGP, it's easy to invent a key, and hard to get other > people's software to trust it. With S/MIME it's harder to get a key, > but once you have one, the software is all happy. That's a bug, not a feature. The PGP key is almost certainly more trustworthy than the S/MIME key. > The MUAs I use (Thunderbird, Alpine, Evolution) support S/MIME a lot > better than they support PGP. There's typically a one key command or > a button to turn signing and encryption on and off, and they all > automagically import the certs from on incoming mail. Yup. That's also a bug, not a feature. I was just wondering why that is. The only implementation I've seen a reference to is Sylpheed, which is not widely used.