Finally, Debian has ditched OpenPGP for repository signing in favor of Ed25519 with SHA512. This is a step ahead for privacy and security. You can see the article here.
As @anon123@lemmy.ml pointed out, the following issues about PGP are not specifically related to the Debian article I linked.
- No authenticated encryption.
- Receiving a signed message means nothing about who sent it to you.
- Usability issues with GnuPG
- Discoverability of public keys issue.
- Bad integration with emails.
- No forward secrecy.
There’s useful documentation about it:
With a lot of drawbacks (using it with multiple devices sucks) for too little gain and you can’t use it in non-interactive protocols such as OpenPGP. Or rather, you can if you do it manually, but it requires interaction.
Because Protonmail sucks. It works fine in Thunderbird.
I admit that it has been a while since I checked the Signal protocol so I might be wrong. The page that you linked seems fine.
Even if ProtonMail sucks, email will always leak metadata.
Source
Actually, forward secrecy is very useful.
Source
Edited: wrong message.