Privacy

35800 readers

586 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Is there a reason S/MIME and OpenPGP do not coexist? (lemmy.ml)

submitted 9 hours ago by tiz@lemmy.ml to c/privacy@lemmy.ml

6 comments fedilink hide all child comments

For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?

top 6 comments

sorted by: hot top controversial new old

[–] XTL@sopuli.xyz 2 points 1 hour ago

Microsoft wants GPG/PGP dead and if it isn't in outlook, corporate won't use it and if corporate don't use it, there's no business incentive for services either.

[–] Melody@lemmy.one 14 points 9 hours ago (2 children)

S/MIME is insecure, outdated, depreciated, and should be discontinued; yet people don't want to adapt or grow or change.

Because some organizations do use S/MIME; all email software is required to implement it, that is if they want to be adopted and used by said influential organizations.

OpenPGP and PGP in general is secure but suffers from usability issues and is often wrongly painted as user-unfriendly. (it's really no worse than S/MIME, installing and managing keys is exactly the same hassle as it is with S/MIME.) The main issue is that some people are too lazy or resistant to change to adapt to it.

[–] Hawke@lemmy.world 10 points 8 hours ago

it's really no worse than S/MIME

That’s damning with faint praise if I ever heard it.

The biggest problem of OpenPGP is key management. The web of trust is fine but key rotation is an absolute nightmare. And I say this as someone who has been comfortable using it for 27 years.

[–] adespoton@lemmy.ca 4 points 7 hours ago

Funny thing to me about this is that I’ve been using PGP since 1993. OpenPGP became an RFC standard in 2007.

S/MIME became an RFC standard in 1999. And that’s really the reason it has stuck around. It got an 8 year head start on OpenPGP, despite PGP itself being used in email as far back as 1991.

[–] swelter_spark@reddthat.com 3 points 8 hours ago

Most email clients I've used can work with either, but there's no point in using both.

[–] bad_news@lemmy.billiam.net 0 points 7 hours ago* (last edited 7 hours ago)

Email is like IRC, outdated and inherently insecure, and awesome and I still use it knowing that. It's insane that everything started using email for real government and business shit to begin with. You can't 'secure' it as it is, even with this endpipe cosigning crap. I say just avoid email for sensitive comms altogether, treat it like the public mailbox it is, like IRC

[edit: or this!]