There’s a new GPGMail app – installed with GPGTools – that works on Lion: http://www.gpgtools.org/installer/index.html
Unless you’ve got S/MIME set up. If you do have S/MIME set up, the bundle won’t display the settings, nor will it “work”. You’ll have a GPGMail preferences pane in Mail.app, but the only options you get are enabling OpenPGP under Composing and Reading. You’re supposed to have the choice of keys, etc.

The previous GPGMail (a *long* time ago), allowed both S/MIME and OpenPGP, so this is a bit disappointing. Their bug tracker has that functionality scheduled for (possibly) version 2.1, and I’ll be trying it again at that point.

There are definitely challenges to having S/MIME and OpenPGP running the same mail client. If you (accidentally) try to do both at the same time, you get garbage that most mail clients can’t understand – because each mail client/plugin applies the encryption in a different order, and the recipient’s mail client would have to know that order. Now, if a person only has a PGP key or only has an S/MIME certificate, then it’s not that difficult – the mail client should select the appropriate encryption.

It is very nice to see that GPGMail is being developed actively again.

2 thoughts on “GPG on Lion – only if you don’t use S/MIME

  1. Mike Myers says:

    I was hoping this release would fix the annoying gpg-agent bug in which my private key passphrase would not store in the Keychain even though I checked that box every time. But it looks like the new release just throws out gpg-agent entirely (?). On the upside, at least now I can have OpenGPG cache the passphrase for a period of minutes. On the downside however, I shouldn’t have to, because this is exactly what Keychain is for.

    I guess I shouldn’t complain since at least it is being maintained like you said, but I wish the community could make PGP work half as seamlessly as S/MIME does. Nobody seems willing to pay a CA for an S/MIME cert; perhaps I can’t blame them.

Comments are closed.