I need to come up with a reasonable way for anyone to leverage GPG without the friction and mistakes that usually go along with that.
@jjg Key management? Mail clients? Storage and search? (I really like GPG, but there are plenty of problems to solve, in my impression)
@stefanieschulte exactly. More and more people (outside of the hacker/programmer/IT/etc. communities) are looking for ways to keep their data private, and OpenPGP/GPG is probably the safest option available, but using it (and doing so in a way that doesn't introduce vulnerabilities) is a lot to ask of people just trying to get work done.
So I'm noodling on ways to fix that. So far nothing great has come to mind, but I only started about 30 minutes ago :)
@stefanieschulte @jjg take a look at keybase.io for an alternative key discovery tool.
The classic key servers suck (and have been misdesigned from the start, IMO).
@stefanieschulte @jjg Werner Koch isn't a fan of usability either ;-/ That's one of the reasons why GnuPG isn't (and won't be) ready for the masses.
I haven't made up my mind yet myself. But there are nice features, like https://keybase.pub/ for authenticated file sharing, IIRC.
BTW: securitymastod.one asks for keybase credentials:
https://securitymastod.one/@r4stl1n/88162
@cynix @jjg Werner Koch himself isn't a fan of keybase.io, apparently. He prefers "trust on first use" (TOFU), combined with the new "web key service", but I don't know how likely this is (WKS requires support from email providers, after all).
https://lists.gt.net/gnupg/users/77160?search_string=keybase.io;#77160
Despite this, keybase.io might be a more practical solution than Werner's ideas (I never tried it, though).