On Sun, Aug 31, 2025 at 07:11:17AM -0400, Jeffrey Walton wrote: [...] > Add it to the list at The PGP Problem, < > https://www.latacora.com/blog/2019/07/16/the-pgp-problem/>: > > Cryptography engineers have been tearing their hair out over PGP’s > deficiencies for (literally) decades. When other kinds of engineers get > wind of this, they’re shocked. PGP is bad? Why do people keep telling > me to use PGP? The answer is that they shouldn’t be telling you that, > because PGP is bad and needs to go away. > > There are, as you’re about to see, lots of problems with PGP. > Fortunately, if you’re not morbidly curious, there’s a simple > meta-problem with it: it was designed in the 1990s, before serious > modern cryptography. No competent crypto engineer would design a system > that looked like PGP today, nor tolerate most of its defects in any > other design. Serious cryptographers have largely given up on PGP and > don’t spend much time publishing on it anymore (with a notable > exception). Well-understood problems in PGP have gone unaddressed for > over a decade because of this. > > Jeff Much fluff, no content. Cheers -- t
Attachment:
signature.asc
Description: PGP signature