On Wed, Sep 11, 2013 at 8:50 AM, Michael Greenly <mgreenly at gmail.com> wrote:
>
> S/Mime uses a centralized certificate authority.  PGP/GPG is decentralized.  There's no question that PGP/GPG is preferable over S/Mime because of this
>
>

S/MIME and GPG/GPG use the same crypto. So from the standpoint of
protecting the message content, they will be identical. Using a CA
does not provide the private key to the authority.  Thus, having
access to the CA does not allow you to decrypt things from
certificates it signs- it only permits you to generate another
certificate that would be trusted the same way, making a future
man-in-the-middle attack possible.  But it wont help you on any
existing/past messages, and it wont do any good if the two parties in
the exchange continue to use the keys they already had.

Jay