#pki
Tom Ptacek on PGP/GPG alternatives
The high bit of the right answer to this question is that you don’t want to replace PGP; one of the things we’ve learned in 29 years is that you don’t want a single tool to do lots of different cryptographic things, because different applications have different cryptographic needs.
For package signing: use something in the signify/minisign family.
To encrypt a network transport, use WireGuard.
To protect a web transaction on the wire, TLS 1.3.
For transferring files: use Magic Wormhole.
For backups: use something like Tarsnap or restic.
For messaging: use something that does Signal Protocol.
To protect files at rest, use encrypted DMGs (or your OS’s equivalent, like encrypted loop mounts).
To encrypt individual files — a niche ask — use Filippo’s ungooglable “age”.
From an HN thread: https://news.ycombinator.com/item?id=27430624
#pgp #gpg #gnupg #encryption #cryptography #pki #signing #privacy #dataSecurity #TomPtacek #tptacek
I am reading more and more articles about how it's very important to encrypt / sign all communications, hence the use of gpg etc ... so I'm polling around. among my relatives and "regular" friends, I get laughs or simply "this is a bit too complicated don't you think ... is it really necessary, I don't have anything to hide ...blahblahblah ..." ... now among my online friends, what's the rating of people here actually encrypting all mails using private/public keys
#encryption #gpg #gnupg #pgp #pki #protectyourcoms #dataencryption