What S/MIME and PGP Have in Common

Before diving into the differences, it's worth acknowledging the common ground. S/MIME and PGP both use asymmetric (public-key) cryptography to encrypt and sign email messages. In both systems, you have a public key — which you share openly — and a private key — which never leaves your possession. Anyone can encrypt a message to you using your public key; only you can decrypt it with your private key.

Both standards support digital signatures, which allow recipients to verify that a message genuinely came from the stated sender and was not modified in transit. Both have broad support across major email clients: Thunderbird, Apple Mail, Outlook, and most enterprise email systems understand both formats. And both, when properly implemented, provide genuine end-to-end encryption that prevents anyone — including the email provider — from reading message content.

The difference lies not in the cryptography itself, but in how keys are distributed and trusted.

How PGP Works

PGP — Pretty Good Privacy — was created by Phil Zimmermann in 1991 and standardised as OpenPGP in RFC 4880. Its defining characteristic is the web of trust: a decentralised model of key verification where trust is established through a network of peer endorsements rather than a central authority.

When you create a PGP key pair, you generate it yourself — no third party is involved. You publish your public key on key servers or share it directly. When someone else wants to trust your key, they can verify it out-of-band (by checking your key fingerprint in person, over a phone call, or through another secure channel) and then sign it with their own key, creating a chain of attestations.

This model is decentralised by design. There is no Certificate Authority that can be hacked, subpoenaed, or go out of business. Your key is yours, created by you, verified through human relationships. The downside is that this verification process requires effort — particularly for non-technical users who may not understand key fingerprints or key-signing parties.

OpenPGP is an open standard, and numerous free implementations exist: GnuPG (GPG) is the most widely used. This openness means PGP keys are free to generate and use, with no recurring costs.

How S/MIME Works

S/MIME — Secure/Multipurpose Internet Mail Extensions — takes a completely different approach. Instead of peer-to-peer trust, it relies on the same Public Key Infrastructure (PKI) used for HTTPS certificates on websites. Your S/MIME certificate is issued by a Certificate Authority (CA) — a trusted organisation that verifies your identity before issuing the certificate.

When a recipient receives an S/MIME-signed email, their email client checks the signing certificate against the chain of trust rooted in CAs that their software already trusts (the same list used for HTTPS). If the CA is trusted and the certificate is valid, the signature is considered verified automatically — no manual key verification required.

S/MIME certificates must be obtained from a CA, which typically means applying through a validation process and paying a recurring fee (although some CAs offer free basic certificates). The certificates expire and must be renewed, and certificate management can become complex in enterprise environments.

S/MIME requires trusting a Certificate Authority. PGP requires trusting the person you verified the key with. Neither model is universally superior — they encode different assumptions about where trust should originate.
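To make the two trust decisions in the PGP and S/MIME sections above concrete, here is an added toy model; it is not code from this page or from enemail. It evaluates the same correspondents under a GnuPG-style web of trust (a key is valid if one fully trusted key, or three marginally trusted keys, certified it, which is GnuPG's default rule and goes slightly beyond the description above) and under an S/MIME-style walk up the issuer chain to a root the client already trusts. There is no real cryptography, and every fingerprint, name and CA is constructed.

```python
# Added toy model, not enemail's code: the two trust decisions described above,
# with no real cryptography; every fingerprint, name and CA here is constructed.
from collections import namedtuple
FULL, MARGINAL, NONE = "full", "marginal", "none"
# PgpKey: a fingerprint you verified out-of-band, how far you trust its owner to vet
# others, and the fingerprints that certified it. Cert: issuer == subject for a root.
PgpKey = namedtuple("PgpKey", "fpr owner_trust signed_by", defaults=[NONE, frozenset()])
Cert = namedtuple("Cert", "subject issuer expired", defaults=[False])

def pgp_key_valid(fpr, ring, own, marginals_needed=3, depth=0, max_depth=5):
    # Web of trust, GnuPG-style: valid if it is your own key, or certified by one fully
    # trusted valid key, or by `marginals_needed` marginally trusted valid keys.
    # The depth cap stops a cycle of mutual signatures from recursing forever.
    if fpr == own:
        return True
    key = ring.get(fpr)
    if key is None or depth >= max_depth:
        return False
    full = marginal = 0
    for s in key.signed_by:
        if s in ring and pgp_key_valid(s, ring, own, marginals_needed, depth + 1, max_depth):
            full += ring[s].owner_trust == FULL
            marginal += ring[s].owner_trust == MARGINAL
    return full >= 1 or marginal >= marginals_needed

def smime_cert_valid(subject, store, roots, depth=0, max_depth=5):
    # PKI: follow issuer links up to a root the client already trusts. Every cert on
    # the path must be present and unexpired; no human verification is involved.
    cert = store.get(subject)
    if cert is None or cert.expired or depth > max_depth:
        return False
    if cert.issuer == cert.subject:              # self-signed: must be a trusted root
        return cert.subject in roots
    return smime_cert_valid(cert.issuer, store, roots, depth + 1, max_depth)

def demo():
    ring = {k.fpr: k for k in [
        PgpKey("ALICE", FULL), PgpKey("BOB", FULL, {"ALICE"}), PgpKey("CAROL", NONE, {"BOB"}),
        PgpKey("M1", MARGINAL, {"ALICE"}), PgpKey("M2", MARGINAL, {"ALICE"}),
        PgpKey("M3", MARGINAL, {"ALICE"}), PgpKey("DAVE", NONE, {"M1", "M2", "M3"}),
        PgpKey("EVE", NONE, {"M1"})]}            # one marginal voucher is not enough
    store = {c.subject: c for c in [
        Cert("Example Root CA", "Example Root CA"), Cert("Example Issuing CA", "Example Root CA"),
        Cert("carol@example.com", "Example Issuing CA"),
        Cert("dave@example.com", "Example Issuing CA", expired=True),
        Cert("Rogue CA", "Rogue CA"), Cert("eve@example.com", "Rogue CA")]}
    pgp = {n: pgp_key_valid(n, ring, "ALICE") for n in ("CAROL", "DAVE", "EVE")}
    smime = {n: smime_cert_valid(n.lower() + "@example.com", store, {"Example Root CA"})
             for n in ("CAROL", "DAVE", "EVE")}
    return pgp, smime
```

Running demo() shows the two models disagreeing about Dave and Eve: three marginal endorsements validate Dave's PGP key while his expired certificate fails, and Eve's certificate from a CA outside the trust store is rejected just as her single marginal endorsement is.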

Side-by-Side Comparison

Feature                       PGP / OpenPGP                    S/MIME
Trust model                   Web of trust (peer-to-peer)      PKI / Certificate Authority
Key distribution              Key servers / direct exchange    Embedded in signed emails / directories
Corporate/enterprise support  Limited — requires tooling       Strong — native in Outlook/Exchange
Setup complexity              Moderate (key management)        Low for end users (CA handles it)
Cost                          Free                             Free to paid (CA fees)
Compatibility                 Broad (with plugins/clients)     Native in most enterprise clients

PGP Advantages

PGP's decentralised model is its greatest strength. There is no Certificate Authority to compromise, subpoena, or pressure into issuing fraudulent certificates. The history of PKI includes numerous CA breaches — DigiNotar, Comodo, Symantec — where CAs issued fraudulent certificates that could have been used to undermine S/MIME trust chains.

PGP keys are free to generate and cost nothing to maintain. The OpenPGP standard is open and auditable — anyone can inspect the specification and the implementations. PGP enjoys broad adoption in the security and privacy research community, in open-source projects, and among journalists, activists, and whistleblowers who need cryptographic protection without reliance on commercial CAs.

For zero-knowledge email architectures, PGP's key generation model — where keys are created on the user's device and never leave it — is a natural fit. There is no CA that could, even theoretically, be compelled to issue a duplicate certificate for your identity.

S/MIME Advantages

S/MIME's PKI model is a genuine advantage in enterprise environments. Outlook and Exchange support S/MIME natively with no additional software. Large organisations can issue S/MIME certificates to employees through an internal CA, enabling signed and encrypted email across the organisation without requiring users to manage keys manually.

For less technical users, S/MIME's automatic trust verification — where the email client validates signatures against trusted CAs without user intervention — is significantly easier than PGP's manual key verification. The friction of verifying key fingerprints is real, and it has historically been one of PGP's biggest barriers to mainstream adoption.

S/MIME is also generally better supported in mobile email clients out of the box, particularly on iOS and macOS where Apple Mail has built-in S/MIME support.

What enemail Uses

enemail uses OpenPGP encryption. This choice was deliberate and reflects our core architecture.

Zero-knowledge email requires that encryption keys never exist on the server in decryptable form. OpenPGP's key generation model — where your private key is created on your device and is never transmitted — is architecturally compatible with this requirement. S/MIME certificates, by contrast, often involve the CA in the key generation or escrow process, creating potential points where a third party holds or has held a copy of your private key.

The open standard also matters. OpenPGP is defined in publicly auditable RFCs, and our implementation can be inspected, audited, and verified independently. There is no proprietary dependency, no CA relationship to manage, and no certificate expiry to catch users out.

We handle the key generation and management automatically so you don't need to understand the mechanics. You get the privacy benefits of OpenPGP — decentralised, CA-free, zero-knowledge compatible — without needing to touch a key server or verify a fingerprint manually.