His main premise is that the web of trust model fundamentally breaks several important things, such as encouraging long-lived keys. I’m a fan of GPG for encryption, but I’ve always found it unwieldily for communication. Thoughts?
4 Likes
Just use protonmail. Services should encrypt by default without your even noticing.
1 Like
That is super surprising. PGP has been an industry standard for so long. I would surely trust PGP more than Signal. IMO.
Nice share!
1 Like
Of course as it has been established for a longer time (and therefore more people should have looked over the code), it should be more trustworthy. He does state that PGP for encryption is secure, it is rather about the entire design of long term key usage. My interpretion is that for everyday messaging, Signal is better than GPG
1 Like
For everyday messaging of course.
1 Like
Exactly. His beef is that it encourages bad behavior with the key management and WoT.