by ifmpx 2097 days ago
People in this industry use OpenPGP because it's flexible and amenable to almost any use case you can think of. "Better solutions" are usually indeed better but are also so specialized for their purpose to the point that they can't be easily used for any other purpose.

OpenPGP is used to secure everything from simple messages and email to authenticating OS updates for most servers today.

Should they use something more specialized now that it exists? Sure, but that's an argument for PGP, not against it; PGP is useful in situations where no specialized solutions exist or where they are inadequate.

Until something comes along that can cover every situation where OpenPGP is useful, I can't see people stopping using it (much to the dismay of the 5 vocal cryptologists that keep arguing against it).


It's telling that the most common example of a widespread use of PGP (modern messaging applications exchange more messages in a day than OpenPGP has ever exchanged) is software update schemes, because software update cryptography is both a solved problem (just use signify) and doesn't have network effects; it's a "trust anchor" application.

At least with PGP email, you can make the argument that PGP sticks around because people don't want to recreate contact lists. But even that argument doesn't apply to updates.

Backup, archiving, password managers, the list is long. Duplicity has many users: http://duplicity.nongnu.org
Pass is also pretty popular on HN: https://www.passwordstore.org
Both use GPG.

I use pass and I would switch in a heartbeat to a fork of it that used ssh keys or something similar instead of gpg. For something so amazingly simple and useful, its dependence on the clunky mess that is gpg key management is an anchor that weighs it down.

Key management is a burden in every cryptosystem. I'm using KeePass and can recommend it; it works well.

Would you know if it failed?

If it "failed" and there were no consequences, so I couldn't tell whether it failed or not - would it make a difference?
> software update cryptography is both a solved problem (just use signify)

Well, just use TUF [1] and in-toto [2] ;)

[1] https://theupdateframework.io/

[2] https://in-toto.io/

Note that TUF is great for things with multiple contributors (think npm or pypa).

For the simple case of "a single publisher publishes updates for a single product", TUF is overkill. Something like signify or seccure will be way easier to set up and use.

signify is nice when key distribution, revocation, and rotation are handled for you... but how do you do that securely for many different publishers on a single repo?

> OpenPGP is used to secure everything from simple messages and email to authenticating OS updates for most servers today.

And for MOST of the places that it is used, it gets screwed up in some way that makes it not as secure as the people using it thought that it was.

Stop and think carefully about that statement. And repeat it to every person you meet who thinks that they are solving their problems with OpenPGP.

What do you mean by PGP "not [being] as secure as the people using it thought that it was"? Can you mention something specific?
Here is something specific.

Due to the complexity of the PGP system, there are a plethora of downgrade attacks, where something that was supposed to be at one level of security can be tricked into doing something much less secure. See https://twitter.com/xmppwocky/status/1291144278953955328, https://mailarchive.ietf.org/arch/msg/openpgp/JLn7sL6TqikUf-..., and https://www.eff.org/deeplinks/2018/05/pgp-and-efail-frequent... for three different examples of such attacks against PGP in recent years.

The first one appears to be some sort of joke.

The second one is just yet another person discovering that the MDC check can be stripped off a message.

The third one seems to be just EFAIL which is not a downgrade or any attack really against PGP.
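The MDC-stripping downgrade mentioned in the comment above, as an added defensive check that is not code from this thread: it walks the packet headers of a binary OpenPGP message (RFC 4880 section 4.2) and flags an encrypted payload carried in a tag-9 packet (no integrity protection) where a tag-18 SEIPD packet was expected. The sample messages are constructed dummy bytes, not real ciphertext.

```python
SED, SEIPD = 9, 18  # RFC 4880 tags: no-MDC encrypted data vs integrity-protected

def packet_tags(msg: bytes):
    """Yield (tag, body) for each packet of a binary OpenPGP message (RFC 4880 4.2)."""
    i = 0
    while i < len(msg):
        ctb = msg[i]
        if not ctb & 0x80:
            raise ValueError(f"bad packet header at offset {i}")
        if ctb & 0x40:  # new-format header: tag in the low 6 bits
            tag, b = ctb & 0x3F, msg[i + 1]
            if b < 192:
                length, hdr = b, 2
            elif b < 224:
                length, hdr = ((b - 192) << 8) + msg[i + 2] + 192, 3
            elif b == 255:
                length, hdr = int.from_bytes(msg[i + 2:i + 6], "big"), 6
            else:  # partial-body lengths (224..254) are out of scope here
                raise ValueError("partial-body length not supported")
        else:  # old-format header: tag in bits 5..2, length type in bits 1..0
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:  # indeterminate length: packet runs to end of message
                length, hdr = len(msg) - i - 1, 1
            else:
                n = (1, 2, 4)[ltype]
                length, hdr = int.from_bytes(msg[i + 1:i + 1 + n], "big"), 1 + n
        body = msg[i + hdr:i + hdr + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        yield tag, body
        i += hdr + length

def mdc_downgraded(msg: bytes) -> bool:
    """True if the encrypted payload is a tag-9 packet (MDC absent) instead of tag 18."""
    tags = [t for t, _ in packet_tags(msg)]
    if SED in tags:
        return True
    if SEIPD not in tags:
        raise ValueError("no encrypted data packet in message")
    return False

def new_packet(tag: int, body: bytes) -> bytes:
    """Build a new-format packet with a one-octet body length (body < 192 bytes)."""
    return bytes([0xC0 | tag, len(body)]) + body

# Constructed samples (dummy bytes, not real ciphertext): a PKESK (tag 1)
# followed by SEIPD (version octet 1 + data) vs the same with a bare SED packet.
PKESK = new_packet(1, b"\x03" + b"\x00" * 20)
GOOD = PKESK + new_packet(SEIPD, b"\x01" + b"\xaa" * 40)
STRIPPED = PKESK + new_packet(SED, b"\xaa" * 40)
```

A receiving implementation that accepts either packet type silently is exactly the gap the downgrade exploits; refusing tag 9 outright is the mitigation this check supports.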

What industry do you mean by "this industry"? Just... computing?

I didn't know OpenPGP was used to authenticate OS updates for most servers today. Can you give me a place to find out more about that; are you talking about a specific OS?

Package managers on pretty much every Linux distribution use GPG for verifying packages.

It's used to digitally sign software, not to encrypt it.