[messaging] alternative to OpenPGP?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Aug 17 04:24:46 PDT 2015

Trevor Perrin <trevp at trevp.net> writes:

>Another thing to be careful about with (PGP, S/MIME, JOSE, XML-Security) is
>that it's up to you to compose public-key signing and public-key encryption.
>It's not always easy to figure out whether to sign-then-encrypt or encrypt-
>then-sign, and what other checks to add.

CMS (so S/MIME) at least gets this right, its authenticated-encryption mode
uses encrypt-then-MAC, and also MACs metadata to protect that.


More information about the Messaging mailing list