Follow

It's time for everyone to make sure they have pgp key pairs accessible and backed up. And we should dust off those old gpg tutorials and make sure things are understandable to new users.

I didn't really believe it when people were claiming that End-to-end Encrypted chat relegated pgp to the museum. And it seems our old friend will be needed again.

@tfb I'm now firmly in the "PGP considered harmful" camp - it's far easier to screw up than to succeed, and screwups are contagious and affect potentially large numbers of other people.

There are newer schemes that look really promising as replacements for PGP though, like age/rage:
github.com/str4d/rage

I liked minilock's design too, but it never thrived. Rage/Age look like a similar effort but more mature already.

@seachaint Having now looked at it, age looks interesting. Indeed, that simple model of encryption/decryption with key pairs, and passwords covers almost all of the use models I teach people about with pgp. The only thing it's missing is signing which is more nice to have than vital -- still, I'd have preferred they handle signing and throw out ssh key support, which seems like an unnecessary complication.

As for pgp, I agree that it's overly complicated in what can be done with it. But for the simplest use of it: encrypting and decrypting documents you send between people whose keys you have, it's Just Fine. And because there are perfectly usable GUIs for it, including on Mac and Android and especially Windows, it's something everyone can do.

Over the last 30 years, I've used it with many groups of people, including plenty of non technical folks. There have been minor hiccups, but nothing major. I've seen a ton of people successfully use it for private communication; the major problem I've seen has nothing to do with pgp itself. It's MS Word, its many document incompatibilities, and unexpected data it includes. Using plain text or rtf, it's Just Fine.

The thing I think Age needs before I could recommend it over pgp is good GUIs. With that, I can see it being better exactly because it doesn't have a lot of features you shouldn't use, questionable email integrations, etc etc.

@tfb The trouble with PGP is that if someone in your circles _has_ fucked up, it's likely that neither you nor they have any idea. So, as someone who _has_ fucked up at PGP in the past and seen how easy it is to do, I'm never confident that my friends and family can do the same... or that we'll ever know if they do.

The advantage then of systems that either have no keys at rest _at all_, like Minilock, or systems that do key management entirely on-device (like Age), is that it prevents people doing silly things with keys.

The SSH feature to me is killer, because it means you can encrypt to people who don't yet use Age, and tell them how to decrypt. That's really neat! Sure, it only works for nerds with git accounts... but they're 95% of the people I'm likely to even attempt manual crypto with anyway. For everyone else I rely on messaging apps like Signal. If mandatory-decryption comes in, I can't imagine getting anyone nontechnical to join me in using manual crypto. It's more likely that we'll just have to use bootleg apps that shiv crypto into existing unregulated networks, such as (ugh, shudder) Telegram, if Signal somehow falls.

@seachaint I'm not clear what the difference is that your think is so important between age and pgp? Is it some nerdy circle of trust thing? If so, yes I've long been against that, and have refused to participate.

The basic model that age supports almost matches what I've seen used in labour and socialist circles in the last 25 years. Except we've sometimes also used signing.

Sign in to participate in the conversation
Functional Café

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!