> But I was discussing it with some techies once and someone mentioned to me that it had less entropy (I think they mentioned 256 bits of entropy) whereas they wanted 512 bits of entropy which PGP supported
> I can be wrong about what exactly they talked about since it was a long time ago so pardon me if that's the case, but are there any "issues" that you know about in age?
Entropy bikeshedding is very popular for PGP / GnuPG enthusiasts, but it's silly.
age uses X25519, HKDF-SHA256, ChaCha20, and Poly1305. Soon it will also use ML-KEM-768 (post-quantum crypto!). This is all very secure crypto. If a quantum computer turns out to be infeasible to build on Earth, I predict none of these algorithms will be broken in our lifetime.
PGP supports RSA. That's enough reason to avoid it.
Eh. You don't really get to do this sleight of hand. If you're gonna rag on RSA support as a shibboleth for bad design, it's bad for GPG and bad for age. If it's direct evidence of bad design, age shouldn't have permitted it via their SSH key support.
I agree in principle, but I'm not looking at "what SSH dragged in". I'm looking at age as a pure isolated thing, according to the spec: https://github.com/C2SP/C2SP/blob/main/age.md
This transparency keyserver actually gives us an excellent opportunity to measure how many people use Curve25519 vs RSA, even with SSH support.
We should contrast this with actively valid public keys on a PGP keyserver in 2026 and see which uses modern crypto more. The results probably won't be surprising ;)
We've moved from "PGP supports RSA. That's enough reason to avoid it." to "We should contrast this with actively valid public keys on a PGP keyserver in 2026 and see which uses modern crypto more".
This Mozilla fiasco has convinced me that being a nonprofit isn't enough. We need a web browser that is actively hostile towards corporations and surveillance capitalism.
Corporations, private equity, the ever encroaching monopolies and centralization of economic power, the steady march towards authoritarianism... all of these things are connected and are making our lives shittier. We should oppose them.
> This Mozilla fiasco has convinced me that being a nonprofit isn't enough
I'm not sure to what extent Mozilla actually functions as a nonprofit. All the bits one cares about (i.e. Firefox) are developed by the for-profit subsidiary, which is at least somewhat beholden to Google/Microsoft for revenue...
How so? Corporate and surveillance capitalism's infrastructure is built on copyleft software. The equivocation of license dogmatism with social good and sustainability that those movements were never actually aligned with is part of what's left socially minded technologies and communities so vulnerable to the predation that led the web to this current mess.
"Here is how platforms die: First, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die."
We are on step 2: then they abuse their users to make things better for their business customers.
They're squeezing their customers after locking in to juice their margins, having become a monopoly/monopsony. This is the classic enshittification playbook.
Nobody is locked in (unless they made some incredibly bad decisions) and this is a tiny fee in exchange for a useful service. I’m just baffled by the response to this.
It's not baffling if you read his Enshittification book. This is phase 2.
In 2010, people were saying it was very reasonable to start prioritizing publishers' ability to reach you over your organic contacts. After all, Facebook is providing this utility for free; shouldn't they be able to extract some additional revenue from their platform? And here we are in 2025...
mysql_real_escape_string is only deprecated because there is mysqli_real_escape_string. I always wondered why it's "real"... like is there a "fake" version of it?
Birds don't need airports, don't need expensive maintenance every N hours of flight, they run on seeds and bugs found everywhere that they find themselves, instead of expensive poisonous fuel that must be fed to planes by mechanics, they self-replicate for cheap, and the noises they produce are pleasant rather than deafening.
I mean, via bird flu, even conservative estimates show there have been at least 2 million deaths. I know, I know, totally different things, but complex systems have complex side effects.
Jet engines run on oil-based fuels. How many deaths can be attributed to problems related to oil? We can do this all day :) I would suggest we stop, I was really just being snarky.
In contrast, EdDSA (which is based on Schnorr signatures) does, by construction: the public key is included in one of the hashes, which binds the signature to a particular public key.
I haven't investigated whether cryptocurrency's use of Schnorr satisfies this property or not. (Indeed, I do not care about cryptocurrency at all.) So it's an exercise to the reader if it's satisfactory or not :3
Excellent blog by the way. I esp. love the humility - advanced concepts about cryptography then I see an article for new people about how to get into tech. Keeping the ladder out, so to speak.
> I can be wrong about what exactly they talked about since it was a long time ago so pardon me if that's the case, but are there any "issues" that you know about in age?
Entropy bikeshedding is very popular for PGP / GnuPG enthusiasts, but it's silly.
age uses X25519, HKDF-SHA256, ChaCha20, and Poly1305. Soon it will also use ML-KEM-768 (post-quantum crypto!). This is all very secure crypto. If a quantum computer turns out to be infeasible to build on Earth, I predict none of these algorithms will be broken in our lifetime.
PGP supports RSA. That's enough reason to avoid it.
https://blog.trailofbits.com/2019/07/08/fuck-rsa/
If you want more reasons:
https://www.latacora.com/blog/2019/07/16/the-pgp-problem/