← Back to context

Comment by Natanael_L

7 years ago

With "Johnny you're fired", it's clear that many clients don't correctly validate PGP signatures

So my question is this: is PGP itself to blame or are people basically saying, "Don't use PGP unless you know what you are doing."

I don't really know what concrete advice the article gives for me personally. (The only thing I take away from this is to learn libsodium as well, rather than not using PGP.)