We have need in my organisation to send mails to another organisation and it must be ENCRYPTED and AUTHENTICATED. Basically in lay terms these are our objectives;
1. We need there to be privacy in the mails that go from our domain to the other domain so that if someone in our domain A wants to send a mail to someone in domain B and mistakenly sends it to someone in domain C, the person in domain C will not be able to view it (Encryption).
2. A more granular requirement similar to (1) above whereby the user A in domain A sends an encrypted mail intended for user B1 in domain B but mistakenly sent to user B2 in the same domain B but cannot read it because it is only meant for user B1 and not user B2.
2. If domain B receives a mail from domain C claiming to be from domain A, they will be able to verify that the mail is actually from domain C and not domain A and hence disregard it(Authentication).
3. We would like a process that is transparent to the users, meaning it will be a server side implementation rather than a client side implementation.
We have a Verisign ceritificate and wanted to implement TLS or SMIME or PGP. I need more information as to which of these three methods will easily satisfy our requirements and, if possible, why that method will be the best of the three.