It's thankless because it's a bunch of folks at the county fair running around putting lipstick on all the pigs.
Having a bunch of implementations of an omnibus package that tries to be a crypto swiss army knife, written almost exclusively without the input of cryptographers, is actually not a desirable goal.
And none of the back seat drivers ever have alternatives to suggest that solve the same problems while having bothered to endure the IETF standardization process, and thus PGP will continue to be the trust foundation of the software supply chain of the internet for the foreseeable future.
This fragile network we all use is made of a mountain of pigs that continually need their lipstick reapplied by people that do it for free or near free out of a desire to keep the whole thing running for everyone.
Said people even do it for the users that stay at a safe distance pointlessly saying "We should go back in time and build it differently in unspecified ways!".
> Is your pitch that the people who call out problems with PGP don’t have suggested replacements for workflows?
Yep. I have read every single blog post I can find from critics. Most several times. As have most people that work on this stuff. Some were partly relevant when they were posted and even less relevant today. All of them completely missed the boat on the problems PGP solves that none of the alternatives do, or have any serious suggestions for migration paths or standards changes.
I will be quoting most of those posts in a blog post in the next couple weeks on https://distrust.co.
Most of them have corporate alternatives to sell you which have no chance of adoption by standards bodies.
There's like, a whole section on https://www.latacora.com/blog/2019/07/16/the-pgp-problem/#th... that's specifically recommendations. The only ones that are "corporate" are chat (where PGP's UX and security model are absolutely horrendous in ways that both prevent mass adoption and make it comically easy to screw up, and where most of those problems are nearly impossible to resolve in a federated system) and I guess backups, if we consider Colin Percival to be "corporate" when he puts on his tarsnap hat.
Ah yes. That post. People send it to me all the time. It is my favorite.
It proposes that dissidents and security researchers from all countries from a wide range of backgrounds and beliefs on privacy, should all just accept the terms of service of their pick of two US-based surveillance capitalism mega-corporations, trust they do not have any insiders or vulns, then reveal their identity to cell carriers in most countries, to get Signal up and running, whose terms of service they must also accept, and then with the help of two corporations and their proprietary software supply chains, they can then submit an encrypted security vulnerability.
I legitimately laugh every time at the US corpo-brained takes in posts like these.
TL;DR: "Just let the US tech giants handle all identity and communication for the whole internet. What could go wrong? Super secure companies with great uptime like Microsoft GitHub can sign our commits for us and of course Google and Apple pinky swear to disobey executive orders to serve tampered updates of Signal to select devices. It will be fine."
The people that use their PGP keys to sign and securely distribute damn well near every binary that powers the internet are mostly in Europe, and not big fans of letting centralized and mostly proprietary US institutions control their online identity, let alone trusting them to not use a supply chain attack to read their private security correspondence. I for one have found a pile of serious vulns, including in GnuPG, and I do not have a Signal account and never will as I disagreed with the terms of service of Apple, Google and Signal. Anyone that does not want plaintext disclosures would be wise to publish PGP keys for people like me. Thankfully most major tech firms still do, even if only to appease non-US citizens and my fellow decorpoed Americans.
Encrypted email is the only neutral decentralized and IETF standard comms tool we have. I say that as also a big fan of Matrix and would love to see it or something decentralized like it standardized but right now email is the standard so the Snowdens and security researchers of the world should use PGP with modern ciphers and learn how to do it offline when doing high risk comms.
Even so, on the other side of this, having set up bug bounty programs for many orgs, the PGP encrypted/signed submissions from reputable folks were always the really spicy shit I would not want anywhere near a modern smartphone, and I would always decrypt them offline with a smartcard for good reason. I would not even consider being party to a bug bounty program that does not publish a PGP key to be maximally inclusive, even if they hate PGP.
Also re tarsnap. It does not even support smartcards, so just shove your private key for your entire filesystem in system memory, and back it up to a conventional password manager I guess? WTF.
Meanwhile with PGP you generate a key on a smartcard, you provide the public key to duplicity, and you can do backups without ever exposing your private key.
The alternatives suggested are strictly worse by any metric, and fail to understand the threat models of existing solutions.