Then why no such efforts are being pursued for PGP(GPG) nowadays? signify[1] is ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rollcat on Jan 4, 2025 \| parent \| context \| favorite \| on: F-Droid Fake Signer PoC Then why no such efforts are being pursued for PGP(GPG) nowadays? signify[1] is approachable at least for the power users - I could print out that man page on a T-shirt. HTTPS is ubiquitous and easy, thanks to ACME & Let's Encrypt. E2EE with optional identity verification is offered in mainstream chat apps. And of course there are usability improvements to GPG, being made by third parties: Debian introduced package verification a couple decades ago, Github does commit verification, etc. What's to stop e.g. Nautilus or Dolphin from introducing similar features? [1]: https://man.openbsd.org/signify

Y_Y on Jan 4, 2025 [–]

> Then why no such efforts are being pursued for PGP(GPG) nowadays?

I wonder why there aren't more, but there are some, for example Proton's efforts towards encrypted email.

https://proton.me/support/how-to-use-pgp

(I won't mention the relative shortcomings of HTTPS and E2E chat apps here.)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact