When the Google community deprecates something as stable as PGP for reasons like "don't have common enough subset" or "can't reach the bar of safe-by-default" or "require a maintainer with deep knowledge" or "some packages are simply not used enough", be afraid. As soon as they have their moat, they will return with statements like, "you shouldn't build your own crypto library, use something stable, something tested in the wild; use our library"

So I can hunt up and use a flock of utilities that don't follow any particular standard or I can just continue to use stuff based on the OpenPGP standard that all interoperates.

The point is that OpenPGP is not valuable for the boring (but solid) cryptography but the fact that it is a widely used standard.

But can I replace my YubiKey that holds my PGP signing and encryption keys for pass (the UNIX password manager) and signing git commits? PGP does both jobs and YubiKey keeps the key stubs and does my 2FA. Replace all that in one package and I can stop using PGP.

Articles like this never seem to address PGP's web of trust or identity management.

For the first the only progress I've seen is Keybase and their idea of a "social proof".

For the latter there is opmsg (https://github.com/stealth/opmsg) which uses ECDH or DH Kex for Perfect Forward Secrecy.

nor pgp having support on every language and platform

Age is nearing 1.0 as well, which is probably a good alternative.

Magic Wormholes looks interesting. I assume both sender and receiver must be online simultaneously?

What if I want to send file securely and the receiver can grab it, say a week later because he's travelling on a country with no reliable internet connection?

That just how P2P systems are. Magic Wormhole works great when you also use it with a messenger. Otherwise you're gonna need to use a server that runs all the time.

> how to compell yourself to learn a bazillion of mutually-incompatible tools instead of the swiss army knife that works but fell out of fashion

Thanks for the TUF shoutout!

(2019)