I happened to stumble upon these OpenPGP Best Practices the other day. Opposite to the intentions of that article, it made me realise PGP sucks, and in fact for several reasons.

The main problem with PGP (and GPG) is that it is a total usability nightmare. Not because by default these are command-line tools: there are GUIs for them and plugins that integrate them in email clients. No, the problem is that they do not help the user in making the right (read: secure) decisions. There is no default secure configuration. There are a gazillion configuration options, and any random combination is bound to make the system insecure.

For example, in terms of key management, the user has to remember to regularly update his local key ring. He has to remember not to use a popular but broken key server. When generating a key, he has to pick the right parameters to get the most secure setup. This include understanding and using sub keys. He should not forget to set an expiration date, and should remember to generate a revocation certificate. And that’s not all….

This is a nightmare. We really need to design something better.

Update 15-9-2014: Matt Green wrote a much longer and much more detailed argument why PGP must die.