PGP, PGP/MIME, OpenPGP, and S/MIME: A Short History

PGP (Pretty Good Privacy) encryption has been around for some time. (Some time = A long time on a computer scale, but a very short time on a history of cryptography scale.) It was written by Philip Zimmerman, who had become alarmed in 1991 by a pending Senate anticrime bill that would have forced makers of secure communications equipment to build in trapdoors in all their products for government eavesdropping.

Zimmerman published PGP electronically, for free, without trapdoors, before that bill could be acted on. The anticrime bill that precipitated PGP's release was strongly opposed by civil libertarians and the security industry and was defeated. That didn't stop the government from investigating Zimmerman and PGP for the next four years.

Zimmerman is a senior fellow at PGP Security, Inc., which is home to the commercial version of PGP, PGP Data Security. He explains why he wrote PGP and what he expects the public to get out of it in his testimony to the Senate Subcommittee on Science, Technology, and Space. It’s an interesting commentary: http://www.pgp.com/phil/phil-quotes.asp

There's a small problem with using PGP Freeware. It supports PGP/MIME (MIME as in Multipurpose Internet Mail Extensions) security protocols, and PGP/MIME is outmoded. Not because it's bad or it's weak. It isn't; PGP/MIME is as good a cryptosystem as there is. What it isn't is standardized.

PGP/MIME inspired the development of two standardized data protection schemes, OpenPGP and S/MIME (Secure MIME), which offer similar data protection features, but are not compatible with each other, not even their keys.

In the long run, either OpenPGP or S/MIME will win out and you will most likely have to do some conversion. I think that the security that PGP Freeware offers in the meantime is worth that effort.