OpenPGP

Efail: What A Disclosure FAIL That Was! (RBS article)

2018/05/16: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more

A history of end-to-end encryption and the death of PGP - January 2020 (cryptologie.net blog post)

01/2020: Here's a documented though critical history of PGP, with insightful links. Providing several consensual (or at least presented so) arguments and documents, the author argues that PGP is dead. However, the article ommits to mention that 2019 witnessed the emergence or fostering of...Read more

GPG And Me (Moxie blog post)

2015/02/24: Moxie's criticisms about PGP, with a harsh conclusion: 

In the 1990s, I was excited about the future, and I dreamed of a world where everyone would install GPG. Now I’m still excited about the future, but I dream of a

...Read more

"“PGP” can mean a bunch of things"

There are two interesting quotes regarding the question. First, at the very beginning of the article, the author affirm:

"PGP" can mean a bunch of things, from the OpenPGP

...Read more
How is PGP defined?
The PGP Problem (Latacora blog post)
OpenPGP

Negociation as a drawback?

The authors make a bold statement:

If we've learned 3 important things about cryptography design in the last 20 years, at least 2 of them are that negotiation and compatibility

...Read more
What are the pros and cons of standardization?
The PGP Problem (Latacora blog post)
OpenPGP

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels (Poddebniak's Usenix Presentation)

A trenchant summary of frequent criticisms towards PGP

The aim of this article is very clear right from the start: to convince the readers not to use PGP. To do so, the authors enumerate a long list of criticisms that are not new. Reading this offers...Read more

What are the doubts, fears, concerns, or criticisms about OpenPGP and its future?
The PGP Problem (Latacora blog post)
OpenPGP
Efail or OpenPGP is safer than S/MIME (W. Koch email)

2018/05/14: Werner Koch statement on EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Spoofing OpenPGP and S/MIME Signatures in Emails (13:19 - 19.04.30)

Stephen Farrell's mail in response to ilf mail about OpenPGPRead more

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register article)

2018/05/14: Article describing the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

GnuPG Flaw in Encryption Tools Lets Attackers Spoof Anyone's Signature (The Hacker News article)

2018/06/15: Article about the SigSpoof vulnerability which makes it possible for attackers to fake digital signaturesRead more

No, PGP is not broken, not even with the Efail vulnerabilities (2. Hacker News Forum)

2018/05: Reaction to the Prontomail article "No, PGP is not broken, not even with the Efail vulnerabilities" (artifact available) on Hacker News forum : https://cva.unifr.ch/content/no-...Read more

Subscribe to OpenPGP
Need help with PECE?
Join the PECE Slack channel