Comment by jedisct1
7 years ago
PGP was a game changer when it was introduced and the idea of a chain of trust was neat.
Unfortunately, its implementations are difficult to use, it was never directly supported by operating systems or major applications, and its crypto agility makes it impossible to write minimal implementations.
I wrote and use Piknik for small files transfer (especially with the Visual Studio extension), Encpipe for file encryption and Minisign to sign software. What they have in common is that they are very simple to use, because they only do one thing, with very little parameters to choose from.
The main reason for having written these in the first place was that PGP is too complicated to use, not that it couldn't have done the job.
Has there been any effort to integrate minisign into git?
None that I know of, but it's never too late :)