Valsorda's reasons to abandon the idea of long term PGP keys

• "First, there's the adoption issue others talked aboutextensively. I get at most 2 encrypted emails a year."
• "Then, there's the UX problem. Easy crippling mistakes.Messy keyserver listings from years ago. "I can't read thisemail on my phone". "Or on the laptop, I left the keys Inever use on the other machine"."
• Real issues: "A long term key is as secure as the minimum commondenominator of your security practices over its lifetime. It's the weak link."
• "Never ever ever successfully used the WoT to validate a public key"
• There's no attacker for whom long term key would make sense. Common attackers cannot MitM Twitter DMs, the "Mossad will do Mossad things"...
• Values he cares about: forward secrecy, deniability, and ephemerality

But interestingly, he also says:

The point is not to avoid the gpg tool, but the PGP key management model.

This is a very subtle nuance he brings. He doesn't give up on PGP because of the strength of its crypto schemes, but because of its key management model.