alt Hacker News> it can be debated whether PGP-in-general is a lost cause too, but that's not what GP is claiming
It is though what both the fine article, and tptacek in these comments, are claiming!
> it can be debated whether PGP-in-general is a lost cause too, but that's not what GP is claiming
It is though what both the fine article, and tptacek in these comments, are claiming!
They are also correct, but that's indeed not what the person you replied to said.
> then why haven't alternatives ^W replacements been produced for decades?
Actually we do have alternatives for it.
For example Git supports S/MIME and could absolutely be used to sign commits and tags. Even just using self-signed certificates wouldn't be far off from what PGP offers. However if people used their digital IDs like many countries offer, mission-critical code could have signatures with verifiable strong identities.
Though there are other approaches as well, both for signing and for encrypting. It's more that people haven't really considered migrating.