mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Added a comment

Browse source
This commit is contained in:
aurelia@b44312a63326710de6cea9c43290e5debbd55607 2022-06-06 12:38:26 +00:00 committed by admin
parent 4bf7962259
commit 4150433ef4
1 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
doc/todo/whishlist__58___GPG_alternatives_like_AGE/comment_6_991bf6846513818c00b75b7962b0fb2e._comment Normal file
View file

@ -0,0 +1,13 @@
[[!comment format=mdwn
username="aurelia@b44312a63326710de6cea9c43290e5debbd55607"
nickname="aurelia"
avatar="http://cdn.libravatar.org/avatar/818bf579caf9992f9123bd9b58321b2b"
subject="comment 6"
date="2022-06-06T12:38:26Z"
content="""
The biggest reason to use age over PGP seems to be in the simplicity / attack surface. It deliberately does not include options to combat complexity and insecure configurations. It also has a lot less baggage and complexity than PGP: obscure packet-based format, web of trust, subkeys - age does a single thing, and it does it well. I do have a use case for hybrid encryption, but I'd rather not touch GPG ever again if I don't need to. Just the squabble about importing keys without identities makes me want to stay far far away. Age keys handle like SSH keys, so if you have a strategy for those age fits into your workflow very easily.
Age also supports passphrase derived keys now, so the \"shared\" use case is covered.
"""]]