For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?
For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?
S/MIME is insecure, outdated, depreciated, and should be discontinued; yet people don’t want to adapt or grow or change.
Because some organizations do use S/MIME; all email software is required to implement it, that is if they want to be adopted and used by said influential organizations.
OpenPGP and PGP in general is secure but suffers from usability issues and is often wrongly painted as user-unfriendly. (it’s really no worse than S/MIME, installing and managing keys is exactly the same hassle as it is with S/MIME.) The main issue is that some people are too lazy or resistant to change to adapt to it.
That’s damning with faint praise if I ever heard it.
The biggest problem of OpenPGP is key management. The web of trust is fine but key rotation is an absolute nightmare. And I say this as someone who has been comfortable using it for 27 years.
Funny thing to me about this is that I’ve been using PGP since 1993. OpenPGP became an RFC standard in 2007.
S/MIME became an RFC standard in 1999. And that’s really the reason it has stuck around. It got an 8 year head start on OpenPGP, despite PGP itself being used in email as far back as 1991.