GnuPG design goals (Re: Bikeshedding while the world burns)
Robert J. Hansen
rjh at sixdemonbag.org
Wed May 6 10:44:28 CEST 2026
> Forward secrecy is definitely more challenging in a high-latency
> environment like email. It's not impossible, but Signal's double ratchet
> protocol is designed to be tolerant of reasonably long periods of
> disconnection (in *very* handwavey terms, that's what the second ratchet
> in "double" ratchet is there for).
One of the things I'm concerned about, with respect to LibrePGP/OpenPGP
direction, is it's easy to lose some of the best use cases of *PGP in
pursuit of the New Hotness In Crypto.
One of the best use cases is in bootstrapping a secure communications
network. From an almost wholly untrusted set of connections, with just a
little usage of GnuPG you can bootstrap the maze of technologies we
depend upon to communicate safely.
It would break my heart -- and endanger people -- if we lost
bootstrapping in the pursuit of PFS and other goals. I'd like it if we
could make it a point to remember it as a special high-value use case.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260506/c1ca54e1/attachment.sig>
More information about the Gnupg-users
mailing list