All,
Somehow we missed this, but the IETF published an update to S/MIME in April of 2019:
https://tools.ietf.org/html/rfc8551
Among other things, this update addresses the EFAIL cryptographic vulnerability in S/MIME by adding support for some new cipher suites with Galois/Counter Mode (GCM) instead of the old (insecure) Cipher Block Chaining (CBC) mode.
Using S/MIME bring the advantage that it shares most of the infrastructure that is already in place for TLS, particularly when it comes to trusting a third party. PGP depends on the "web of trust" for this and may not be as attractive to some.
Thoughts?
________________________
Michael Sweet