UBM Network Computing

PGP Grows Up

By Dan Backman

Pretty Good Privacy grew up as a tough kid in a rough neighborhood. Originally released to the Internet in 1991 by its author, Phil Zimmermann, it survived hard times--copyright issues and export restrictions. Throughout its life, its choice of crypto algorithms changed and its trust models evolved, and PGP is now on its way to becoming an IETF standard dubbed OpenPGP.

Designed to work at the grassroots level, PGP's strength is its reliance on its own ad hoc trust models, rather than a rigid, hierarchical PKI (public key infrastructure). Once freeware, PGP evolved into a company that now is part of newly formed Network Associates. The tough kid has grown up and is setting its sights on the enterprise. But is it mature enough to take on the responsibilities of mission-critical messaging?

No longer specifically targeting personal privacy, Network Associates put a significant amount of work into addressing the needs of the enterprise when it designed its PGP Desktop Suite. PGP Desktop Suite offers the PGP client for e-mail and files, a certificate server, an SMTP policy agent and the PGP SDK. With these tools, enterprise users can create a hierarchical trust model and enforce policies on message signatures, encryption, recovery keys and trust models.

We put Network Associates' PGP Desktop Suite to work at Network Computing's lab at Syracuse University, where we recently evaluated secure-messaging clients built on Secure MIME version 2, RSA's competing secure-messaging standard (see "S/MIME: Not Quite Ready for Prime Time" at www.NetworkComputing/902/902r2.html).

Our conclusion: When we last looked at S/MIMEv2 clients, we were unimpressed by the PKI support behind them. Users were forced to spend too much time working with or specifically trusting certificates and certificate authorities--and methods for revoking compromised certificates are still far from useful. By the same token, PGP's latest release incorporates strong features for the enterprise, but it, too, critically lacks effective certificate revocation and places a heavy burden of certificate management on the user.

While S/MIME takes advantage of the same X.509 PKI already used in secure Web connections and SET (Secure Electronic Transactions), PGP offers similar functionality, but uses its own proprietary (and incompatible) PKI. Because both S/MIME and PGP are on the IETF track to becoming secure-messaging standards, some form of certificate compatibility is necessary--even if the messaging protocols are different. (For a closer look at OpenPGP and S/MIME in the IETF, see "S/MIME and OpenPGP Vie for Security Title" at www.NetworkComputing/904/904btb.html.)

We don't like the idea of implementing an entirely new and separate PKI for secure messaging when an accepted one already is available. However, Network Associates deserves kudos for its unrivaled policy management--a crucial feature for enterprise use. But like many of the S/MIME clients we recently tested, PGP suffers from various irritating incompatibilities, primarily from its plug-ins to host e-mail clients. In addition, PGP's PKI does little to address the problem of certificate revocation and validity checking, another of our concerns with X.509-based S/MIME implementations.


