John L Fjellstad wrote on Tuesday, April 03, 2007 4:58 PM -0500: > The reason you and people who use OE see it as an attachment is > because MS is unable to implement an 11 years old standard. > This page (http://www.imc.org/smime-pgpmime.html) has a discussion > about the different standards (PGP/MIME and S/MIME) and links to the > different RFCs.
S/MIME was intended to work with a certification authority (CA) model based on a small number of universally trusted root CA's, while PGP assumed a distributed web of trust model based on personal relationships between individual users. There's no technical reason a CA can't sign a PGP key, but this was not the intended mode of use. I suggest the problem wasn't MS's inability to implement PGP (it's no harder than S/MIME), but more likely they couldn't see a way to make money from it. Instead, they built native S/MIME support into their MUA's, built a certificate store into their operating system and bought VeriSign. -- Seth Goodman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
