Why you should not use PGP

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Thu Dec 5 12:54:01 2002


--=-Wxx+aH78h79wBMWp6HUf
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2002-12-04 at 23:02, Jagadeesh Venugopal wrote:
[...]
> latest being the third). The biggest concern about PGP
> is this... you may encrypt your documents to last you
> a long time (e.g. decades). Given the tumultuous past
> of PGP, it is doubtful whether PGP will exist by the
> time you want to decrypt your documents. OTOH, GnuPG
> will always exist; and so will other components of the
> Gnu suite that are needed to compile it. And they are
> guaranteed to be free now and forever.

Hmm.
 - PGP and GnuPG are mostly compatible, with a little care taken when
generating keys this is no problem.
 - ciphers will be added from time to time, and other ciphers might be
dropped. There's noone to guarantee that my ElGamal key will be usable
10 years from now. GnuPG being opensource helps *somewhat*, but not
everybody has the skill to integrate code that has been (perhaps) 5
years unmaintained back into the program.
 - If you want to keep data for a long time (speaking of decades), I'd
advise everybody to go for paper and a bank safe.=20

> There is another reason not to use PGP. We have a
> robust and viable alternative in the free software
> world. By using PGP, we are detracting from the

Agree completely here.

cheers
-- vbi

--=20
this email is protected by a digital signature:  http://fortytwo.ch/gpg

NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481

--=-Wxx+aH78h79wBMWp6HUf
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iHMEABECADMFAj3vPq8sGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
aWwuMjAwMjA4MjIACgkQi6Qxi+Wn99Z0nQCguPv36hwU8lBtxUwmSibGCBrcSBgA
oI+d8sUMPmZTCYeUVSQiV/dYyqlR
=pg5K
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822

--=-Wxx+aH78h79wBMWp6HUf--