RE: S/MIME or PGP?

["Walter Williams" <wbjw () mindspring com>]

You mean beside free versus pay?  If you go with Exchange 2000, don't use
it's native certs, as they are only x.509v1 not the industry standard of
x.509v3.  Instead use the also free Win2k CA and integrate.  More work, but
better results and if you ever want to secure email between companies it
becomes possible.

Enterprise PGP is neither free nor supported out of the box.  PGP is also
regarded more as a user to user solution, where trust is implicit rather
than explicitly structured, unlike with S/MIME.  Enterprise PGP solves some
of that, but if you need to do secure mail with another company, it will
only work if they also bought Enterprise PGP.  S/MIME will work with any
vendor's CA, Baltimore, RSA, Entrust, Verisign, Sun, Microsoft or even open
SSL.

Walt

> -----Original Message-----
> From: Darren Augi [mailto:daugi () optonline net]
> Sent: Wednesday, January 22, 2003 2:17 PM
> To: security-basics () securityfocus com
> Subject: Fw: S/MIME or PGP?
>
>
>
>
> Hello all,
>
> I have recently been tasked with making recommendations for a secure
> email solution for a large group with 500 users. I am trying to weigh
> either S/MIME built into Exchange or Enterprise PGP 8.0. It is a Win2k
> environment running Exchange 2000 and Outlook as a mail client.
>
> Please try and elaborate on the pros and cons of each. What would you
> recommend?
>
> Thanks
>
> D-