top | item 45458728

(no title)

633212490 | 5 months ago

Using PGP over self-hosted email servers won't help you against a post-quantum adversary. While people have discussed post-quantum extensions to PGP, it doesn't exist yet. Similarly, while post-quantum TLS _does_ exist, it was only just implemented in OpenSSL; I doubt Postfix supports it yet.

So you're in an even worse post-quantum situation with email, even if you end up with TLS-encrypted PGP-encrypted messages, you're still not post-quantum secure.

discuss

pelzatessa|5 months ago

My point is that to this date everyone was not post-quantum secure, and only the people whom had their messages stored on their servers only can be sure that someone won't read their contents.

Also PGP emails were just an idea that seemed the most basic for me to illustrate an example of selfhosted encrypted messaging. Probably they lack more security features than just post-quantum, compared to the other messengers anyway :)