Finally, Debian has ditched OpenPGP for repository signing in favor of Ed25519 with SHA512. This is a step ahead for privacy and security. You can see the article here.

As @anon123@lemmy.ml pointed out, the following issues about PGP are not specifically related to the Debian article I linked.

  • No authenticated encryption.
  • Receiving a signed message means nothing about who sent it to you.
  • Usability issues with GnuPG.
  • Discoverability of public keys issue.
  • Bad integration with emails.
  • No forward secrecy.

There’s useful documentation about it:

  • @anon123@lemmy.ml
    3 years ago

    Debian never used PGP. PGP is a proprietary application. Debian did however use GPG which implements the OpenPGP standard.

    No authenticated encryption.

    GPG did add support for AEAD algorithms in version 2.3 (which was released last April). That being said, this really does not matter as Debian never used GPG for encryption.

    Edit: OpenPGP supports something called MDC which is basically an encrypted hash of the message. Think of it as a weaker and home-brew version of AEAD.

    Receiving a signed message means nothing about who sent it to you

    This is true but 1: this does not affect the Debian use case and 2: signify-openbsd, minisign, etc. all have the same issue.

    Usability issues with GnuPG

    It really is not that bad. Especially when you use it for apt.

    Bad integration with emails.

    OpenPGP is unrelated to emails. Some do use it to send encrypted emails but it is not any different from sending zip files to people. But then again this is unrelated to the Debian use case.

    No forward secrecy.

    This is not necessarily a negative. Forward secrecy requires many sacrifices. And again this is unrelated to the Debian use case.

    Note: GPG has supported signing data with ed25519 for a few years now.

    There are however real issues with GPG, such as how libgcrypt somehow managed to implement ed25519 in a way that allows for side-channel attacks.
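
An added example, not code from this thread or from Debian, illustrating the point discussed above that a valid signature says nothing about who sent the file: acceptance depends only on the pinned Ed25519 key and the signed bytes. The one-line manifest format, the host names and all function names are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha512"
	"encoding/hex"
	"fmt"
	"strings"
)

// Delivery is a constructed stand-in for a manifest that arrived from somewhere.
// Relay is transport metadata; the signature does not cover it.
type Delivery struct {
	Relay         string
	Manifest, Sig []byte
}

// entry builds one manifest line: SHA-512 digest, two spaces, file name (hypothetical format).
func entry(name string, pkg []byte) string {
	sum := sha512.Sum512(pkg)
	return hex.EncodeToString(sum[:]) + "  " + name
}

// VerifyPackage accepts pkg only if the manifest is signed by the pinned key
// and pkg's SHA-512 appears in it. d.Relay is never consulted.
func VerifyPackage(pinned ed25519.PublicKey, d Delivery, name string, pkg []byte) bool {
	if !ed25519.Verify(pinned, d.Manifest, d.Sig) {
		return false
	}
	for _, line := range strings.Split(string(d.Manifest), "\n") {
		if line == entry(name, pkg) {
			return true
		}
	}
	return false
}

// Demo checks four cases: official mirror, unknown relay, tampered package, wrong signer.
func Demo() [4]bool {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	name, pkg := "hello_1.0.deb", []byte("constructed package bytes")
	m := []byte(entry(name, pkg) + "\n")
	official := Delivery{"mirror.example", m, ed25519.Sign(priv, m)}
	relayed := Delivery{"unknown-relay.example", official.Manifest, official.Sig}
	forged := Delivery{"mirror.example", m, ed25519.Sign(otherPriv, m)}
	ok := func(d Delivery, p []byte) bool { return VerifyPackage(pub, d, name, p) }
	return [4]bool{ok(official, pkg), ok(relayed, pkg), ok(official, []byte("tampered")), ok(forged, pkg)}
}

func main() { fmt.Println(Demo()) } // [true true false false]
```

The second case passes because nothing in the signature identifies the relay, which is acceptable for package distribution where the client cares only that the bytes match what the pinned key signed.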