We‘ve been using S/MIME-based end-to-end email encryption at work for a long time now. It’s a bit of a hassle whenever new employees start, and every two years after that, but it’s manageable. Apart from that, it just works. Why is it never even considered by so many people?

Jan 22, 2021 · 8:14 PM UTC

4
1
11
More importantly, why is no-one working on making it less of a hassle? I know it doesn’t encrypt metadata, but it’s still so much better than most messaging services, let alone unencrypted, web-based email from a security perspective.
7
12
Replying to @stilkov
Do you use a private CA or public one? And how do you handle malware and URL scanning? These are the biggest problems from my POV
1
We use a public CA. Not sure what you’re referring to regarding malware – the general problem that end-to-end-encrypted communication can’t be intercepted? I consider that a feature, not a bug
Replying to @stilkov
I noticed that when communicating with @simonharrer and was very delighted about that. 😊
2
Replying to @stilkov
I used S/MIME professionally and privately for 10 years (as a lone wolf), and received exactly one (!) encrypted mail during that time. Then I gave up. In the pre-Snowden age.
3