
Too Cool for PGP - raldu
https://www.mailpile.is/blog/2016-12-13_Too_Cool_for_PGP.html
======
hug
All of this arguing about PGP is just bike-shedding.

OpenPGP is not going to gain any traction if it continues in the same vein
it's already been in for years. There's a reason that there's a lot of really
smart people writing blog-posts saying that PGP sucks, and the reason for that
is pretty straightforward: Using PGP sucks!

The article says we shouldn't completely neglect PGP going forward, and that I
agree with, but it's certainly not what I'd call the best path, and most
definitely not if it's not receiving traction from the major email vendor that
is used for corporate mail: Microsoft.

Like it or not, Microsoft Outlook (and Exchange behind it) is not going away.
It's the tool of choice by a large margin in almost every single company I've
done any consulting work for -- not a small number.

There are many other things we should be doing. TLS mail should be supported
everywhere. Google providing a deadline to stop accepting mail via
non-transport-encrypted SMTP would be a good start. The second thing to do would
probably be to promote S/MIME. It's not as "good" as PGP, but any level of
encryption is a hell of a lot better than none in this instance, and to my
knowledge almost all widely-used mail-clients already handle S/MIME just fine.

~~~
stephenr
In the realistic world where perfect is the enemy of good, I'd argue that
S/MIME is actually better than PGP/GPG for most email users.

The "missing" steps to make it truly user friendly IMO are:

- a more reliable/user friendly free S/MIME issuing CA. So far the best
option seems to be Comodo, but it's far from a great experience.

- improved client support for setting up keys+certs. e.g. if iCloud Keychain
would/could sync these items to/from iOS devices, 90% of the hassle with setup
would be resolved.

- defaulting on to display signed mail status in mail clients.

Edit: clarified solution to: CA.

