> It survives only because nerds have a parasocial relationship with it.

I really would like to replace PGP with the "better" tool, but:

* Using my Yubikey for signing (e.g. for git) has a better UX with PGP instead of SSH

* I have to use PGP to sign packages I send to Maven

Maybe I am a nerd emotionally attached to PGP, but after a year signing with SSH, I went back to PGP and it was so much better...