[messaging] alternative to OpenPGP?

[Peter Gutmann]

Trevor Perrin <trevp at trevp.net> writes:

>Another thing to be careful about with (PGP, S/MIME, JOSE, XML-Security) is
>that it's up to you to compose public-key signing and public-key encryption.
>It's not always easy to figure out whether to sign-then-encrypt or encrypt-
>then-sign, and what other checks to add.

CMS (so S/MIME) at least gets this right, its authenticated-encryption mode
uses encrypt-then-MAC, and also MACs metadata to protect that.

Peter.