Tootfinder

pgp_strong: PGP web of trust (2009)
Strongly connected component of the Pretty-Good-Privacy (PGP) web of trust among users, circa November 2009.
This network has 39796 nodes and 301498 edges.
Tags: Social, Online, Unweighted
https://networks.skewed.de/net/pgp_strong

pgp_strong: PGP web of trust (2009)
Strongly connected component of the Pretty-Good-Privacy (PGP) web of trust among users, circa November 2009.
This network has 39796 nodes and 301498 edges.
Tags: Social, Online, Unweighted
https://networks.skewed.de/net/pgp_strong

pgp_strong: PGP web of trust (2009)
Strongly connected component of the Pretty-Good-Privacy (PGP) web of trust among users, circa November 2009.
This network has 39796 nodes and 301498 edges.
Tags: Social, Online, Unweighted
https://networks.skewed.de/net/pgp_strong

Bądźmy szczerzy. Byłem zwolennikiem #OpenPGP (czy ogólniej #PGP) przez długi czas. I w sumie nadal nie jestem w stanie wskazać żadnej sensownej alternatywy. I wierzyłem, że PGP nie jest "tak trudne" — ale wcale nie staje się łatwiejsze. A wielkim problemem z tego typu standardami są narzędzia.

Ich muss euch heute etwas Trauriges mitteilen.
#Netcup hat mir gerade mitgeteilt, dass das Shared-Hosting für meine Domain pgp.mit.edu abgelaufen ist. Die wird jetzt suspendiert. Ihr müsst eure PGP-Keys jetzt woanders hosten. 😂
#spam

Sequoia PGP exemplifies everything that's wrong about #RustLang (don't mean this against Sequoia). It features a bunch of different CLIs, which is a reasonable design.
If Sequoia were written in C, these CLIs would probably be using some shared library. If Sequoia were written in Python, they would probably use a shared Python package. However, it's written in Rust, so every CLI is a huge binary with its own copy of subset of shared Sequoia code, built separately:
-rwxr-xr-x 1 root root 12M 10-08 06:36 /usr/bin/gpg-sq
-rwxr-xr-x 1 root root 4,7M 10-08 06:36 /usr/bin/gpgv-sq
-rwxr-xr-x 1 root root 21M 10-08 08:38 /usr/bin/sq
-rwxr-xr-x 1 root root 6,9M 10-08 08:38 /usr/bin/sqop
-rwxr-xr-x 1 root root 3,1M 10-08 08:32 /usr/bin/sqv

You can now find my public #PGP key at my website.
#Security

Sequoia PGP ukazuje wszystko to, co jest nie tak z #RustLang (nie czepiam się tu projektu Sequoia). Mamy kilka różnych binarek CLI, co ma sens.
Gdyby Sequoia była napisana w C, to najpewnie używałyby jakiejś biblioteki współdzielonej. Gdyby napisała była w Pythonie, to najpewniej mielibyśmy wspólną paczkę Pythona. Ale napisano ją w Ruście, więc każdy interfejs to odrębna, wielka binarka z włas…

@… Zum Programm: Das Enigmail-Plugin für Thunderbird ist nicht mehr nötig… Thunderbird hat PGP inzwischen integriert. (Nicht so gut, wenn man mich fragt, aber ich habe eigentlich immer an Software zu meckern… und Krypto hirnt immer noch mal eine Stufe stärker als alles andere. Ich sehe ja an den Leuten, denen ich es immer wieder mal erkläre, wie sehr es…

Ktoś powinien zrobić diagram.
#PGP (Pretty Good Privacy) to oryginalne, własnościowe narzędzie. Z niego wyprowadzono otwarty standard #OpenPGP. Ten standard zaimplementowano w #GPG (GNU Privacy Guard), którego autorzy p…

Let's be honest. I've been a strong supporter of #OpenPGP (or #PGP in general) for a long time. And I still can't think of any real alternative that exists right now. And I kept believing it's not "that hard" — but it doesn't seem like it's getting any easier. The big problem with standards like that are tools.
#WebOfTrust is hard, and impractical for a lot of people. It doesn't really help how many tools implement trust. I mean, I sometimes receive encrypted mail via #EvolutionMail — and Evolution makes it really hard for me to reply encrypted without permanently trusting the sender!
The whole SKS keyserver mess doesn't help PGP at all. Nowadays finding someone's key is often hard. If you're lucky, WKD will work. If you're not, you're up for searching a bunch of keyservers, GitHub, or perhaps random websites. And it definitely doesn't help that some of these may hold expired keys, with people uploading their new key only to a subset of them or forgetting to do it.
On top of that, we have interoperability issues. Definitely doesn't speak well when GnuPG can't import keys from popular keyservers over lack of UIDs. And that's just the tip of the iceberg.
Now with diverging OpenPGP standards around the corner, we're a step ahead from true interoperability problems. Just imagine convincing someone to use OpenPGP, only to tell them afterwards that they've used non-portable tool / settings, and their key doesn't work for you.
That's really not how you advocate for #encryption.

Someone needs to make a flowchart for this.
#PGP (Pretty Good Privacy) is the proprietary tool. The open standard developed from it is called #OpenPGP. This standard was implemented by a tool called #GPG (GNU Privacy Guard), who took up the development of the standard, until they've decided they don't like where others are pushing it, so they've forked the standard into #LibrePGP. Then GPG was forked into #FreePG to bring (newer) OpenPGP into it.