I've always thought that was pretty good, but I just came across this seemingly reasonable article that is *very* critical of it: latacora.micro.blog/2019/07/16

The tldr:

* pgp has weak security options and code complexity for backwards compatibility with the 90s

* because of that, pgp is really easy to misconfigue with poor security

* pgp doesn't provide forward secrecy

* pgp encourages you to have one master key that you never change, instead of rotating

Any thoughts/rebuttals?

Follow

> I've always thought that was pretty good, but…

(I'm slightly disappointed that, of all the many replies I got to the above toot, *none* of them were "I see what you did there")

@codesections it was so obvious but I didn't want to be a smartass :p

@codesections
Hmmm, would you care to enlighten us poor creatures? 😃

@RLetot

>>> I've always thought that was pretty good, but…
>> (I'm slightly disappointed that, of all the many replies I got to the above toot, *none* of
them were "I see what you did there")
> Hmm, would you care to enlighten us?

(PGP stands for Pretty Good Privacy, and I was saying it was "pretty good". It wasn't all that funny to begin with, and much less so now that it's explained!)

Sign in to participate in the conversation
Fosstodon

Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.