Thank you for this well written informative article!<p>I have a few of questions.<p>1. There was work in progress to update the OpenPGP protocol, eg, RFC 4880bis. What’s the status of this draft? When can users expect AEAD from OpenPGP?<p>Some of the criticisms of PGP are lack of modern authentication, lack of forward secrecy, and limited usability.<p>FS is probably not relevant to email that involves long-term storage. UX is out of scope of protocol. AEAD however is expected these days. MDC isn’t modern authentication.<p>2. Is PGP currently effective against powerful adversaries?<p>3. What do you think of claims that sequoia is an interesting project in a doomed echo system?