Why you should not use PGP

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Thu Dec 5 12:54:01 2002

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2002-12-04 at 23:02, Jagadeesh Venugopal wrote:
> latest being the third). The biggest concern about PGP
> is this... you may encrypt your documents to last you
> a long time (e.g. decades). Given the tumultuous past
> of PGP, it is doubtful whether PGP will exist by the
> time you want to decrypt your documents. OTOH, GnuPG
> will always exist; and so will other components of the
> Gnu suite that are needed to compile it. And they are
> guaranteed to be free now and forever.

 - PGP and GnuPG are mostly compatible, with a little care taken when
generating keys this is no problem.
 - ciphers will be added from time to time, and other ciphers might be
dropped. There's noone to guarantee that my ElGamal key will be usable
10 years from now. GnuPG being opensource helps *somewhat*, but not
everybody has the skill to integrate code that has been (perhaps) 5
years unmaintained back into the program.
 - If you want to keep data for a long time (speaking of decades), I'd
advise everybody to go for paper and a bank safe.=20

> There is another reason not to use PGP. We have a
> robust and viable alternative in the free software
> world. By using PGP, we are detracting from the

Agree completely here.

-- vbi

this email is protected by a digital signature:  http://fortytwo.ch/gpg

NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.2.1 (GNU/Linux)

Signature policy: http://fortytwo.ch/legal/gpg/email.20020822