Contrary to the hierarchical trust structure of S/MIME, OpenPGP is based on an anarchistic trust model consisting of trust chains (I trust somebody who trusts somebody whom I trust). A 100% allocation of a public key to a person is thus not automatically possible.

This means that complete certainty can only be established via manual validation, for instance by checking the finger print (hash) and comparing it via another communication channel (e.g. telephone).

SEPPmail Secure E-Mail Gateway, with its GINA technology, provides the communication partner with the option of uploading their key material. Since, in this case, the authentication of the user has already been implemented by registration in GINA, no additional validation of the key is required in this version.

 

OpenPGP suitable for both personal and domain-specific (see Gateway-to-Gateway (Domain) Encryption) encryption.