"The sequoia-openpgp crate (Rust’s terminology for a library) is a low-level, policy-free OpenPGP implementation. Our goal was to implement all of RFC 4880, and provide an API that can be used to access and modify pretty much everything, but is simultaneously secure by default."<p>This is pretty exciting. Hope this gives the OpenPGP ecosystem a long needed push and more attention!<p>"Sequoia was started 3.5 years ago by Justus Winter, Kai Michaelis and me, Neal Walfield. Prior to working on Sequoia, the three of us had worked together at g10code on GnuPG."
Despite what the few naysayers in this thread would like to have you believe, there is a growing number of projects that rely on OpenPGP for security. Having a modern library for working with them is a giant plus no matter how you spin it.<p>A big thank you to everyone who worked to get sequoia this far.
The GnuPG implementation was just one of the problems with PGP; Sequoia can't fix any of PGP's real problems while still being a "PGP" implementation. <a href="https://latacora.micro.blog/2019/07/16/the-pgp-problem.html" rel="nofollow">https://latacora.micro.blog/2019/07/16/the-pgp-problem.html</a><p>tl;dr: PGP is absurdly complex, mired in backwards compatibility with broken crypto algorithms, and relies on long-term secrets with no forward secrecy.<p>In this very blog post, Sequoia PGP explains that they continue to support SHA-1, which was broken in 2005, for backwards compatibility reasons. They've added some code to mitigate the damage (introducing more complexity); they hope to turn off SHA-1 in 2023.<p>Cool. In the meantime, don't use PGP, not even Sequoia PGP. Use Signal to transfer messages and files. Use full-disk encryption for encrypting backups. Use Minisign to sign packages. Use libsodium for encrypting app data.<p>EDIT: This post is currently at -3 downvotes without comment, presumably from folks who think SHA-1 is just fine and that I'm overstating the case. I ask you to just read the link I posted and explain why you think PGP is good, actually, despite its terrible reputation among professional cryptographers and security professionals.<p>"We can’t say this more clearly or often enough: you can have backwards compatibility with the 1990s or you can have sound cryptography; you can’t have both."
I like keys.openpgp.org.<p>It keeps the identity out of the key. If the user requires inclusion of the identity, it must be verified by confirming an email.
A good resource on why PGP is too complicated - definitely opened my eyes and seems pertinent to this discussion<p><a href="https://latacora.micro.blog/2019/07/16/the-pgp-problem.html" rel="nofollow">https://latacora.micro.blog/2019/07/16/the-pgp-problem.html</a>
PGP is terrible. Avoid if you can. I wish people focused on building simpler and more modern tools. In particular: <a href="https://bitcoin.stackexchange.com/questions/100546/reusing-bitcoin-hw-wallet-infrastructure-as-a-pgp-replacement" rel="nofollow">https://bitcoin.stackexchange.com/questions/100546/reusing-b...</a><p>Having said that, if you need to use it, it's awesome that now it has a modern and saner implementation.