PGP is outdated, proprietary software that most people should not use.
OpenPGP, the standard people often mean when referring to PGP, does not lend itself to mass adoption because it requires understanding of asymmetric cryptography, secure and reliable backups of private keys –lest you lose your cryptographic identity or, worse yet, it falls into the wrong hands– and capable hardware tokens like YubiKeys for secure usage –private keys should not be laying around in your system–, among other reasons. Proper usage is a must; mistakes are often not apparent and therefore breed a false sense of security. On top of that, OpenPGP has been forked, with LibrePGP threatening interoperability.
GnuPG, the software people often mean when referring to PGP, is very, very difficult to use right. I say that as an advanced user; the Keyoxide proof on my Lemmy profile and all the Keyoxide claims I’ve put in my key should at least prove my dedication to the OpenPGP ecosystem.
Although new implementations of OpenPGP like Sequoia PGP may make OpenPGP easier to use, OpenPGP remains a bad option for mass adoption. Domain-specific solutions like HTTPS, Signal and electronic identity cards are better candidates.
PGP is outdated, proprietary software that most people should not use.
OpenPGP, the standard people often mean when referring to PGP, does not lend itself to mass adoption because it requires understanding of asymmetric cryptography, secure and reliable backups of private keys –lest you lose your cryptographic identity or, worse yet, it falls into the wrong hands– and capable hardware tokens like YubiKeys for secure usage –private keys should not be laying around in your system–, among other reasons. Proper usage is a must; mistakes are often not apparent and therefore breed a false sense of security. On top of that, OpenPGP has been forked, with LibrePGP threatening interoperability.
GnuPG, the software people often mean when referring to PGP, is very, very difficult to use right. I say that as an advanced user; the Keyoxide proof on my Lemmy profile and all the Keyoxide claims I’ve put in my key should at least prove my dedication to the OpenPGP ecosystem.
Although new implementations of OpenPGP like Sequoia PGP may make OpenPGP easier to use, OpenPGP remains a bad option for mass adoption. Domain-specific solutions like HTTPS, Signal and electronic identity cards are better candidates.