by lrvick 22 days ago
I could name a few off the top of my head, some of which have audited my team's work, but I do not want to put specific people on blast. Most cryptographers I know tend to prefer math to internet controversy and I do not blame them.

That said, Protonmail's lead cryptographer has been quite public about his support of the refresh and helping lead some efforts: https://proton.me/blog/openpgp-crypto-refresh

I have dozens more examples of high risk orgs with cryptography teams relying on PGP that I am compiling for my post right now. Added a bunch of extra ones just for you.

Honestly, from my side of the table, it is the anti-PGP camp that appears to be the loud minority. The world quietly runs on "dead" PGP technology so deeply that any calls for a complete replacement without any compatibility or trust transition path are clearly under-researched and should not be taken seriously.

I have a hard time imagining that many cryptographers deeply aware of the impossibility of any rapid transition away from PGP would suggest we abandon the migration to secure modern ciphers now.

A lot of people would like to -eventually- move away from OpenSSL too, myself among them, but not updating to OpenSSL 4 and beyond in the short term would be a world burn kind of move.