There is no “alternative” to GPG, because PGP/GPG’s problem space is poorly defined.
Modern cryptographic protocol design has moved away from “Swiss Army knife” designs: protocols and formats are now designed to do one thing well, rather than a whole bunch of things poorly and with an unintuitive user interface.
In other words: use TLS to communicate securely with services. Use Signal or another modern E2EE IM protocol to communicate securely with humans. For file encryption, use age. For digital signatures, use minisign or Sigstore.
woodruffw|2 years ago
Modern cryptographic protocol design has moved away from “Swiss Army knife” designs: protocols and formats are now designed to do one thing well, rather than a whole bunch of things poorly and with an unintuitive user interface.
In other words: use TLS to communicate securely with services. Use Signal or another modern E2EE IM protocol to communicate securely with humans. For file encryption, use age. For digital signatures, use minisign or Sigstore.
computerfriend|2 years ago
But modern alternatives would be SSH signing, signify/minisign or cosign.