
GnuPG 2.2.23 - LinuxBender
https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html
======
somedude11
Can't wait for new major version that includes changes listed in RFC4880bis,
new curves, AEAD methods EAX and OCB and many other improvements.

[https://datatracker.ietf.org/doc/draft-ietf-openpgp-
rfc4880b...](https://datatracker.ietf.org/doc/draft-ietf-openpgp-rfc4880bis/)

GPG is great, there is no tool like it.

------
setheron
I saw people starting to use `age` as a replacement to gpg. Can someone speak
to that?

~~~
wolf550e
gpg does too many things. minisign does digital signatures (like for
releases). age does encryption (like for backups).

~~~
SAI_Peregrinus
Age and Minisign also don't have the ability to misconfigure them to use
insecure primitives. GPG does.

~~~
upofadown
Well neither does GPG. Insecure stuff gets removed. Stuff that people just
have a funny feeling about gets retained.

~~~
wolf550e
current versions of gpg support insecure settings and the defaults are not
what you want.

~~~
somedude11
Simply not true. Defaults are cryptographically strong.

------
rurban
Still using sha1sum for the announcement? I thought we could do better.
Everybody already moved on.

