Relax 😎! GPG is not OpenPGP!

Yesterday, vulnerabilities were published https://gpg.fail but they don't affect #deltachat or other #chatmail clients because

A) We never used #gnupg for anything; we use the modern #rustlang #openpgp implementation @rpgp, security audited multiple times.

B) #openpgp is fine, as modernized in #RFC9580, which already warns against several #gpgfail issues (gpg didn't implement that spec)

Please spread the word that #gpg is not #openpgp ... Thanks! #39c3

I’m looking at age for many times especially to replace OpenPGP. They did a new release and for encryption at rest, it’s indeed a good replacement.

But how to integrate it with email encryption ? They recently did a keyserver https://words.filippo.io/keyserver-tlog/ and release an update version of age.

Are we close to a real replacement for OpenPGP ?

#pgp #age #openpgp

https://github.com/FiloSottile/age/releases/tag/v1.3.0

In 2026, my main focus is the https://codeberg.org/minipgp6/ #OpenPGP stack.

#minipgp6 is a very small implementation of a minimal modern subset of OpenPGP, in #Rust.

The project aims to be both a comprehensive introduction to OpenPGP (for anyone who wants to approach the ecosystem from the shallow end) as well as practically useful software for contexts that don't require backward-compatibility with legacy formats.

(Many thanks to @nlnet for supporting this project!)

I'm going to be in #Florence and #Rome for a couple days, followed by #Zermatt for a few more. I've never actually signed anybody's #pgp #gpg keys, but hey! Perhaps this could be a chance to learn how to do that *and* add some trans-atlantic edges to that web of trust!

#Italy #Switzerland #OpenPGP #WebOfTrust