UBM Network Computing
S/MIME And OpenPGP Vie For Security Title

By Kelly Jackson Higgins

When it comes to evaluating the latest versions of rival secure e-mail protocols--S/MIME and OpenPGP--the debate boils down to one simple question: Which method do you trust more? Do you entrust an S/MIME third-party CA (certification authority) with the job of assigning and managing your digital certificates, or would you rather play it closer to the vest and perform those operations in house with OpenPGP?

You'll have to choose between the two: S/MIME and OpenPGP can't work together, so if you want to send a digitally signed and encrypted message to your business partner, both of you have to be using the same secure mail protocol.

Some members of the S/MIME community are pushing to roll the two IETF secure mail efforts into one, especially since some of OpenPGP's new features make it look a lot like S/MIME. David Andrews, senior security product manager at Netscape Communications Corp., which packages S/MIME in its Communicator software, says he expects the IETF OpenPGP and S/MIME working groups to join forces to develop a single protocol, if only as a way to avoid duplication of effort.

But IETF officials say that though the two working groups are making life easier for e-mail software developers by using the same encryption algorithms and MIME encapsulation formats for both protocols, a single protocol is a long shot, given the number of S/MIME and PGP implementations already in existence. The two IETF working groups each expect to release their protocols as proposed standards soon.

For now, S/MIME is on a roll. Microsoft Corp. and Netscape already package early versions of S/MIME into their e-mail clients, IBM-Lotus is about to ship S/MIME in its next releases of Domino and Notes, and all three say they intend to back the IETF's new S/MIME, version 3. That formidable level of endorsement from the Big Three in the vendor community has kept S/MIME alive despite all the bad publicity surrounding the early version's reliance on RSA Data Security's proprietary RC2 crypto algorithm. The nadir for S/MIME occurred last year when IETF officials, frustrated that developers had to pay royalties to RSA to use RC2 in their S/MIME e-mail packages, banned use of S/MIME as a secure mail technology in any protocol effort. That action prompted S/MIME vendors to create the new IETF-blessed S/MIME 3, which supports a variety of encryption algorithms, not just RSA's RC2.

OpenPGP and its earlier iterations, meanwhile, haven't garnered equally high-profile acceptance among vendors. Although there are third-party plug-in packages for adding PGP to Microsoft Outlook Express and Netscape Communicator mail products, to date none of the Big Three folds PGP into its software. But a ray of hope glimmers for the OpenPGP marketing machine. Sources close to Network Associates--which acquired PGP Inc., the protocol's creator--say the company hasn't given up on earlier discussions with Microsoft on the possibility of Microsoft endorsing PGP for its e-mail products. Microsoft, meanwhile, continues to publicly push S/MIME for securing e-mail. "At this point in time, we are not planning to do anything with PGP," says Stan Sorensen, product manager for Microsoft Exchange.

So far, PGP's big-name developers include QUALCOMM, which also supports plug-ins for S/MIME, and, of course, PGP Inc. Some industry analysts think OpenPGP's skimpy vendor backing means its days are numbered. "The market force represented by Microsoft and Netscape will make the outcome inevitable," predicts Brandenburg principal Dave Crocker.

Worse, PGP suffers from an image problem because of its research community heritage and its populist approach to doling out digital certificates. "Corporate America sees PGP as academic," not corporate, says Rik Drummond, chair of the IETF's EDI Internet working group, which supports both S/MIME and OpenPGP for securing EDI transactions over the Internet. Many corporate security adherents seem to put a lot of stock in the X.509 standard format used by S/MIME for digital certificates, which can be issued only by a CA. OpenPGP supports not X.509, but rather a digital certificate format developed by PGP Inc. Industry analysts say big corporations want the extra level of authority a CA brings to the table, as well as the better-established X.509 digital certificate, which also underpins SSL (Secure Sockets Layer) security in browsers and is used for signing Java applets.

S/MIME 3 incorporates some flashy new features that PGP lacks, like encrypted mailing lists and digitally signed receipts, where the sender gets a digitally signed notice from the recipient confirming that the message arrived intact. It also adds security "labels" for marking messages with categories such as "top secret" or "proprietary." Only users with "proprietary" mail clearance, for instance, could read messages with that label.

But wait--here's a reality check. Although The Radicati Group, a consultancy specializing in e-mail, estimates there are about 25 million Internet e-mail users worldwide, few actually encrypt their messages. There are no hard numbers to quantify this, but some security experts claim users encrypt only about one in every 50 to 100 of their e-mail messages.

Perhaps one of the biggest obstacles to widespread adoption of secure e-mail is its complexity. Users want encryption and digital certification to be as simple as hitting the "send" button to shoot a message over the Internet. "As implementers, we have to find ways of making this stuff comprehensible and easy to use," says John Noerenberg, chair of the IETF's OpenPGP working group and director of technology for QUALCOMM.

The Same, Only Different

Simplicity, in fact, is OpenPGP's strongest suit. With PGP and OpenPGP, each user, in effect, is a CA. PGP's so-called "Web of trust" lets users build their circle of safe e-mail correspondents informally, often relying on the word of a trusted correspondent that his or her digital signature is legitimate. They can keep their keys and dole them out to their correspondents, or store them on one of a handful of PGP key repositories, such as one at the Massachusetts Institute of Technology, or on their corporate servers. That's a far cry from S/MIME's hierarchical approach, where a CA like Entrust or VeriSign acts as a Division of Motor Vehicles of sorts for digital certificates. With OpenPGP, it's just the two of you.

Nowadays, OpenPGP and S/MIME are no longer so different technology-wise, which is why some IETF members question the need for parallel protocol efforts for secure e-mail. Both protocols are haunted by some backward-compatibility issues with earlier versions, and neither is considered an ideal secure mail solution for all types of user organizations. S/MIME may not appeal to small or midsized companies that cannot afford the expense or hassle of bringing a CA into the e-mail picture. By the same token, OpenPGP's lack of a true CA could limit its usefulness at large corporations. "The Web of trust may not work well enough in large organizations, where a central model does better," says Michael Zboray, a research director at Gartner Group, and it's still unclear whether the meta-introducer option in OpenPGP would scale well.
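To make the two trust models contrasted above concrete, here is an added Python sketch; it is not code from the article, from S/MIME, or from any OpenPGP implementation. It assumes constructed toy data: issuer links and one trusted root for the hierarchical case, and (signer, signed key) key signatures plus my own introducer-trust ratings for the web of trust, applying the classic PGP thresholds of one fully trusted or two marginally trusted introducers, with a meta-introducer whose signature promotes a key to a fully trusted introducer.

```python
# Toy model of the two trust models the article contrasts (added example,
# not code from the article, S/MIME, or any OpenPGP implementation).

# Hierarchical, S/MIME / X.509 style: each certificate names its issuer and
# validity means reaching a CA root I trust. Constructed data below.
ISSUER_OF = {"alice": "Corp CA", "Corp CA": "Root CA", "mallory": "Rogue CA"}
TRUSTED_ROOTS = {"Root CA"}

def hierarchical_valid(cert, issuer_of=ISSUER_OF, roots=TRUSTED_ROOTS, max_depth=8):
    """Walk issuer links until a trusted root is reached, else reject."""
    seen = set()
    while cert not in roots:
        if cert not in issuer_of or cert in seen or len(seen) >= max_depth:
            return False  # unknown issuer, issuer loop, or chain too deep
        seen.add(cert)
        cert = issuer_of[cert]
    return True

# Web of trust, OpenPGP style: (signer, signed_key) key signatures, plus my
# opinion of each key holder as an introducer. "meta" marks a meta-introducer:
# any key it has signed counts as a fully trusted introducer for me.
SIGNATURES = {("me", "bob"), ("me", "carol"), ("me", "dan"),
              ("bob", "erin"), ("carol", "erin"),   # two marginal introducers
              ("bob", "hank"),                      # one marginal: not enough
              ("dan", "frank"), ("frank", "grace"), # dan is a meta-introducer
              ("zed", "mallory")}                   # zed is unknown to me
OWNER_TRUST = {"bob": "marginal", "carol": "marginal", "dan": "meta"}

def web_of_trust_valid(key, sigs=SIGNATURES, trust=OWNER_TRUST, me="me",
                       completes_needed=1, marginals_needed=2, _stack=()):
    """Classic PGP rule: a key is valid if I signed it myself, or if enough
    *valid* introducers signed it: one fully trusted, or two marginal."""
    if key == me or (me, key) in sigs:
        return True
    if key in _stack:  # break signature cycles
        return False
    args = (sigs, trust, me, completes_needed, marginals_needed, _stack + (key,))
    full = marginal = 0
    for signer, signed in sigs:
        if signed != key or not web_of_trust_valid(signer, *args):
            continue  # signatures from keys I cannot validate count for nothing
        level = trust.get(signer, "none")
        if level == "none" and any(s == signer and trust.get(m) == "meta"
                                   and web_of_trust_valid(m, *args) for m, s in sigs):
            level = "full"  # introduced by a valid meta-introducer
        if level in ("full", "meta"):
            full += 1
        elif level == "marginal":
            marginal += 1
    return full >= completes_needed or marginal >= marginals_needed
```

Note that "bob" is valid only under the web of trust and "alice" only under the hierarchy, which is the interoperability gap the article describes.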

The bottom line is that both forms of trust--S/MIME's third-party CA and OpenPGP's Web of trust--are viable. "There's a requirement for both models," says Zboray. What a pity they don't "trust" each other enough to work together.

