His main premise is that the web of trust model fundamentally breaks several important things, such as encouraging long-lived keys. I’m a fan of GPG for encryption, but I’ve always found it unwieldy for communication. Thoughts?
Just use ProtonMail. Services should encrypt by default without your even noticing.
That is super surprising. PGP has been an industry standard for so long. I would surely trust PGP more than Signal, IMO.
Of course, as it has been established for a longer time (and therefore more people should have looked over the code), it should be more trustworthy. He does state that PGP for encryption is secure; it is rather about the entire design of long-term key usage. My interpretation is that for everyday messaging, Signal is better than GPG.
For everyday messaging of course.
Exactly. His beef is that it encourages bad behavior with the key management and WoT.