I've always thought that was pretty good, but I just came across this seemingly reasonable article that is *very* critical of it: latacora.micro.blog/2019/07/16

The tldr:

* pgp has weak security options and code complexity for backwards compatibility with the 90s

* because of that, pgp is really easy to misconfigue with poor security

* pgp doesn't provide forward secrecy

* pgp encourages you to have one master key that you never change, instead of rotating

Any thoughts/rebuttals?

> I've always thought that was pretty good, but…

(I'm slightly disappointed that, of all the many replies I got to the above toot, *none* of them were "I see what you did there")

Show thread

@codesections
Hmmm, would you care to enlighten us poor creatures? 😃

Follow

@RLetot

>>> I've always thought that was pretty good, but…
>> (I'm slightly disappointed that, of all the many replies I got to the above toot, *none* of
them were "I see what you did there")
> Hmm, would you care to enlighten us?

(PGP stands for Pretty Good Privacy, and I was saying it was "pretty good". It wasn't all that funny to begin with, and much less so now that it's explained!)

· brutaldon · 1 · 0 · 2
Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.