
Goddammit. I really liked StartCom for free S/MIME certificates and TLS certs that don't expire after a month.

So people, is there a comparable free product out there (don't say LetsEncrypt, they don't do S/MIME unless I'm mistaken)?




Why are you using S/MIME?

You can still get free S/MIME certs from Comodo.


Trying to reply to a few parts of this nested thread at once, starting with OP:

>shawkinaw

>Goddammit. I really liked StartCom for free S/MIME certificates

Same. It came up over the last year in previous discussions when the covert acquisition began to come to light and I was forced to reluctantly dump StartCom, but it really was a shame because StartCom's core business model was extremely sensible and doesn't seem to exist elsewhere. They essentially only charged for where there was a human time cost. So you could do automated verification (level 1) for free with decent timeouts, and then upgrade to greater levels of identity verification (level 2 individual, level organization, etc.) building on the previous ones, but in each case only the identity verification cost money; once verified you could request unlimited certs with that identity (since address ownership can be confirmed automatically). For email in particular it was quite nice.

As far as S/MIME vs PGP/GPG, it boils down to practicality in many situations.

>Why are you using S/MIME?

>It has fewer users than PGP/MIME, which is an impressive feat.

S/MIME has native transparent support on a number of major OS/email platforms, importantly including iOS (since iOS 5 IIRC). That helps solve the perennial general adoption problem encryption faces, i.e., what happens when people using it interact with people who do not. With S/MIME there is some potential value just from signing, and it doesn't require most recipients to install anything else at all.

I at least do use GPG in addition, and if Apple/Google/Microsoft/other clients all built PGP support natively into their platforms and email offerings then I'd stop bothering with S/MIME period. But as far as "how can I get many of my parents/family/friends to gain at least a little end-to-end email auth/security that they can use with minimal to zero additional effort on their part" goes S/MIME has remained valuable. Unfortunately. The entire state of email authentication in general is insanely frustrating (or even depressing), there are no great solutions right now despite the tech all being there. Use of S/MIME certainly has plenty of flaws. Right now though I've found it to still be a useful part of my toolkit and at one point I'd hoped that other places might adopt some of StartCom's innovations and ideas without the many warts. No such luck.


What is wrong with S/MIME?


It has fewer users than PGP/MIME, which is an impressive feat.


Since many major clients support it out of the box, I'd say that at least for verification purposes, it has more users than PGP/MIME.


Wasn't Comodo on the list of bad CAs one should avoid too?



Mostly for fun.


Do people use S/MIME with the standard (web-based) trust stores? If you're using it with a small group of people you're in communication with, you can always generate your own CA pretty easily with the openssl command.

(Except for the part about the openssl command, this is what Exchange does: everyone joined to an Active Directory domain gets config from the AD servers, so AD generates its own CA for S/MIME certs and tells its users about it.)
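The private-CA route mentioned in the comment above, as an added worked example (not code from the thread or from any commenter): a self-signed root, an end-entity certificate carrying the extensions that mark it as an S/MIME certificate (emailProtection EKU, email in the SAN) rather than a TLS one, a chain check for the S/MIME purpose, and a signed message verified against that root. The directory, subject names and the address alice@example.com are assumptions for illustration.

```shell
#!/bin/sh
# Added example of a small private S/MIME CA built with the openssl CLI.
# All names, paths and the sample message are constructed for illustration.
set -e

# Create a root CA and issue one S/MIME certificate into "$1" for mailbox "$2".
make_smime_ca() {
  dir="$1"
  email="$2"
  mkdir -p "$dir"

  # 1. Root CA: key, CSR, then self-sign with CA-only extensions. Keeping the
  #    CA constrained (CA:TRUE, keyCertSign only) matters even for a family CA:
  #    the root key should never be usable as a signing or TLS key itself.
  cat > "$dir/ca.ext" <<EOF
basicConstraints=critical,CA:TRUE,pathlen:0
keyUsage=critical,keyCertSign,cRLSign
subjectKeyIdentifier=hash
EOF
  openssl req -new -newkey rsa:2048 -nodes -sha256 \
    -keyout "$dir/ca.key" -out "$dir/ca.csr" \
    -subj "/CN=Family S-MIME Root CA" 2>/dev/null
  openssl x509 -req -in "$dir/ca.csr" -signkey "$dir/ca.key" -sha256 \
    -days 3650 -extfile "$dir/ca.ext" -out "$dir/ca.crt" 2>/dev/null

  # 2. End-entity key and CSR for the mailbox.
  openssl req -new -newkey rsa:2048 -nodes -sha256 \
    -keyout "$dir/user.key" -out "$dir/user.csr" \
    -subj "/CN=Alice Example/emailAddress=$email" 2>/dev/null

  # 3. Extensions that make this an S/MIME cert: no CA bit, signing and key
  #    encipherment only, emailProtection EKU, and the address in the SAN
  #    (clients match the From: header against the SAN, not the subject).
  cat > "$dir/smime.ext" <<EOF
basicConstraints=critical,CA:FALSE
keyUsage=critical,digitalSignature,keyEncipherment
extendedKeyUsage=emailProtection
subjectAltName=email:$email
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid
EOF

  # 4. Sign the CSR with the CA. -CAcreateserial writes ca.srl on first use.
  openssl x509 -req -in "$dir/user.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAcreateserial -days 730 -sha256 -extfile "$dir/smime.ext" \
    -out "$dir/user.crt" 2>/dev/null
}

# Chain check for the S/MIME signing purpose specifically: this fails for a
# cert that only carries a TLS EKU, which a bare "openssl verify" would pass.
verify_smime_cert() {
  dir="$1"
  openssl verify -purpose smimesign -CAfile "$dir/ca.crt" "$dir/user.crt" \
    >/dev/null 2>&1
}

# Sign a constructed message with the user cert and verify it against the
# private root only (no system trust store), as a recipient who imported
# ca.crt would. Returns 0 on a good signature, non-zero otherwise.
sign_and_verify_message() {
  dir="$1"
  printf 'Subject: hello\n\nconstructed sample message body\n' > "$dir/msg.txt"
  openssl smime -sign -in "$dir/msg.txt" -signer "$dir/user.crt" \
    -inkey "$dir/user.key" -out "$dir/msg.signed" 2>/dev/null
  openssl smime -verify -in "$dir/msg.signed" -CAfile "$dir/ca.crt" \
    -out /dev/null >/dev/null 2>&1
}

# Negative check: a tampered signed message must not verify.
tampered_message_fails() {
  dir="$1"
  sed 's/constructed sample message body/tampered body/' "$dir/msg.signed" \
    > "$dir/msg.tampered"
  if openssl smime -verify -in "$dir/msg.tampered" -CAfile "$dir/ca.crt" \
       -out /dev/null >/dev/null 2>&1; then
    return 1
  fi
  return 0
}

# Usage (paths are assumptions):
#   make_smime_ca ./smime-ca alice@example.com
#   verify_smime_cert ./smime-ca && sign_and_verify_message ./smime-ca
```

The recipient side of this is exactly what the comment describes: everyone who should trust Alice's signatures imports ca.crt as a trusted root in their mail client, and nothing else changes for them. The `-purpose smimesign` check is the one worth keeping in a script, since a certificate issued from a TLS template will verify as a plain chain but will be rejected by the mail client.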


I am not a fan of Microsoft in any way and, fortunately, rarely have to touch a Windows box anymore. In a previous life, however, I was responsible for integrating UNIX/Linux systems in a Windows-based environment (i.e., a large organization with thousands of users).

Microsoft's CA services (in Windows) is actually an awesome product. You can create your own root CAs and intermediates and use the included templates or build your own to (automatically) issue certificates for anything and everything that needs to communicate (users, web servers, file servers (including encryption for data at rest), e-mail, etc.).

The CA services are one of the few things I will happily concede that Microsoft did "right" (along with Active Directory and SQL Server).



