• kata1yst@sh.itjust.works
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      27 days ago

      No idea how I’m supposed to take this ranty blog needlessly interspersed with furry cartoons seriously. But it’s basically just restating (poorly) all the same criticisms and alternatives written about here: https://www.latacora.com/blog/2019/07/16/the-pgp-problem/

      The ‘real’ criticisms of PGP are that it’s old, it’s clunky, and it doesn’t support forward secrecy by design. None of that is invalid, but I think the importance of those points depends on the use case and user.

      The alternatives given are myriad and complexity and clunkiness are interspersed between dozens of solutions instead of well understood and documented in one tool.

      That isn’t a superior approach. I’m not arguing that PGP is perfect, but it’s absolutely asinine to suggest (like this blog and others suggest) that the solution is to use dozens of other solutions with their own problems and with less auditing.

      If we’re going to replace PGP, we need to do it properly in a centralized library/toolchain. Breaking up the solution and spreading it around just magnifies the problems.