OpenPGP

Was the Efail disclosure horribly screwed up? – A Few Thoughts on Cryptographic Engineering (blog post)

2018/05/17: Matthew Green thoughts on the EFAIL vulnerabilities disclosure, its handling and the future of PGPRead more

Encrypted Email Has a Major, Divisive Flaw (Wired article)

2018/05/14: Article on the story of the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

The PGP Problem (Latacora blog post)

2019/07/16:

The aim of this article is very clear right from the start: to convince the readers not to use PGP. The first paragraph set the pace:

Cryptography engineers have been tearing their hair out over PGP's de ciencies for (literally) decades.

...Read more
Kommentar: Efail ist ein EFFail (Heise article)

2018/5/16 - two days after the public disclosure, Heise published a commentary about the disclosure process.

PGP ist nicht kaputt. Wenn man allerdings große Teile der Berichterstattung über die Efail-Lücken verfolgt hat, könnte man zu diesem Schluss

...Read more
Verschlüsselte E-Mails sind nicht sicher (Süddeutsche article)

2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more

EFF : Attention PGP Users New Vulnerabilities Require You To Take Action Now (EFF article)

2018/05/14: EFF statement regarding the newly disclosed vulnerabilities affecting PGP and S/MIME usersRead more

Negociation as a drawback?

The authors make a bold statement:

If we've learned 3 important things about cryptography design in the last 20 years, at least 2 of them are that negotiation and compatibility

...Read more
What are the pros and cons of standardization?
The PGP Problem (Latacora blog post)
OpenPGP
Subscribe to OpenPGP
Need help with PECE?
Join the PECE Slack channel