PGP | Charlie Jonas

Last updated: October 21, 2021\

I have stopped using PGP; many well-respected cryptographers have voiced their opinions on everything wrong with PGP. People often counter me by mentioning Debian/Ubuntu’s package archive signing or by saying “you should sign your Git commits for authenticity”; I am not Debian/Ubuntu and signing Git commits is not as simple as it sounds.

I now use Signal for conversing securely.
I now use age for encrypting files.
I now use Minisign for signing files.

My last active PGP key with fingerprint 17079536 expired 2022-12-29.

$ gpg --list-keys --fingerprint 17079536
pub rsa4096 2019-12-30 [SC] [expires: 2022-12-29]
8CD7 4A23 73F6 3BCB 63C6 7D53 D380 96FC 1707 9536
uid [ultimate] Charlie Jonas <charlie@charliejonas.co.uk>
sub rsa4096 2019-12-30 [E] [expires: 2022-12-29]