software, security, pgp

7, a better number. Or is it? The newspost on PyPI’s deprecation of PGP laid bare some internal discussion I hadn’t been privy to. Such as that PGP’s keyserver network (SKS) has been dead for years! Yet, so much software still offers to upload and use servers in this network. I guess individual servers (and those are probably going to be Ubuntu’s or MIT’s) can still serve as an index for keys.

I yanked my key from this website (WKD) last year, due to having stopped using PGP. Nearly nobody else does, and UX is despite many trying to improve, quite bad. I wish more people cared, autocrypt makes it quite easy, but they don’t, developers included; still very few muas support autocrypt fully, by which I mean automatically updating keys without user intervention.