Saying "Don't use PGP, use SigStore or Age!" is the same class of dumb as saying "Don't use web standards, use Flash or Java embeds!".
Before advocating everyone abandon standards and use whatever tools have the better UX or defaults for your use case blindly, maybe take the time to actually understand the problems the standards are trying to solve for, and if any improvements or better implementations are in progress.
reshared this
Océane
in reply to Lance R. Vick • • •1. You're commenting a blog post. People can sit back and interpret it as a 2024 state of the art of the current cryptographic infrastructure, so to say, to find out what's incomplete and where we should put more effort, e.g., what's preventing @delta from switching to a more modern cryptographic standard.
2. Be mindful of the use cases for which you're putting minorities at risk. This blog post was written by a cryptography engineer who knows how bug-prone implementing OpenPGP is. IMHO, a group chat using 5 different OpenPGP implementations on Yahoo mail servers shouldn't be treated as zero-access. Delta Chat may be a good WhatsApp replacement for family groups but advocating for this kind of decentralization against State-level threat models is plainly dangerous.
Having a sociology graduate explain this to you means that at least one of these two posts is incredibly bad.
Delta Chat
in reply to Océane • • •reshared this
Delta Chat and Kinetix reshared this.