maqp 6 days ago
>Future secrecy?

Meaning --if-- when your keys get compromised the system recovers. PGP lacks even forward secrecy, meaning key compromise alone allows retrospective decryption of every message you've ever sent. OTR fixed that in... ...2004 https://dl.acm.org/doi/10.1145/1029179.1029200

Using PGP for secure communication in 2025 when you have the option to use stateful E2EE over stuff like Signal is just bonkers.
upofadown 6 days ago
If your keys get compromised then you would need new keys in any case. I think that the sort of people that use PGP are more interested in not having any messages compromised, ever, while still retaining access to their old messages in a secure way. Contrast that with, say, Signal where a forensic tool like Cellebrite will allow access to retained Signal messages[1]. Sure, most of that is due to the inherent insecurity of encrypted instant messaging over, say, encrypted email, but the users in the end don't care. They just want to be able to communicate privately.

[1] https://web.archive.org/web/20201210150311/https://www.celle...
ktosobcy 6 days ago
And if you lose your device your messages are compromised as well. Forcing your paranoid perception "is just bonkers".