Well, the problems with using WKD is 1) You need to host your own web server 2) It assumes people will know how to set it up and have done so 3) It still requires people to manage and handle the keys.
These barriers to entry make it too hard for me to recommend it to people. Heck, I can't even do it myself because I use GitHub Pages.
I don't know, that's without mentioning the relatively weak encryption of pgp when compared to more modern protocols.
I like matrix, xmpp is okay but I no longer know anyone who uses it so I just stick to matrix as my go-to for secure messaging.
Btw, does anyone encrypt email in a email git workflow? That sounds like a nightmare.
I don't use mailing lists but that makes sense, ig.
Heavyness is a Synapse server problem afaik, Dendrite is lightweight enough that they crammed it in browser for the Matrix P2P experiment. Conduit seemed good too.
IRC might be more simple but it's also unusable as a modern chat program imo. IRC's simplicity is its biggest downfall. It can't cut it for mobile and it's just generally a bad experience.
I thought WKD required web server config?
Well, that's cool, I suppose. I still can't care enough to do it though, I just know I'll just never do PGP with someone because well, I don't email people.
(sorry for re-heating an ancient thread!)
While I think Sequoia and pEp are doing great work, I believe it is not easy enough for the average people to care.
Of course the security conscious can learn it and live through all the barriers but that means nothing when I spend most of my time receiving notifications through email or sending casual emails.
I believe that for people who do not care, the simplest solution while keeping in mind federation is Matrix.
But yeah, @sequoiapgp is doing amazing work.
The barriers are slowly coming down. Autocrypt, WKD, more workable OpenPGP implementations (like sq), better keyservers like Hagrid, all this leads to better usability in the long run.
The alternative currently usually boils down to one of the walled gardens, or Matrix, and neither is a good replacement for e-mail.
AFAIK Matrix is flexible enough to do threaded discussions like email but none of the clients do it. The closest thing would be that Microblog-like experiment they showcased a few months ago.
Also, I totally get the difference in style of discussion. I just find it hard to believe that pgp would ever scale to enable these conversations.
There are PGP-encryption-smtp-proxies (for a want of better word) like koverto. That means all software that sends mail can now be SMTP-proxied through koverto to get signed/encrypted mail from tools like Nextcloud, Gitlab, whatever else.
There are tools like OpenPGP-CA that can allow organizations to use OpenPGP kinda like S/MIME is used, simplifying key management.
@lionirdeadman @Seirdy I have run infrastructure for a large (100+ people) org, where everyone had an OpenPGP key, PGP was broadly used for communication, automated e-mails from our systems were all signed and many encrypted (depending on a given service), group mail was PGP-encrypted, and verified keys were automagically pushed to WKD.
Our team was not dozens of techies, either. There was some friction, today there would be less.
Main reason people don't do it is because they were told it can't work.
@Seirdy @lionirdeadman give me a federated protocol with newer crypto that has a fighting chance of replacing e-mail in all it's multitude of use-cases (direct communication, mailing lists, automated messaging, sending attachments, trivially adding/removing people from threads, CC/BCC, forwarding messages) for regular people, and I shall sing its praise.
I am not aware of any such thing at this point, though.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.