> I assume the following: Werner is globally known as the author of > GnuPG and it is generally accepted that GnuPG is a defacto security > standard globally besides S/MIME when it comes for example to private > email communications.
No. OpenPGP is; GnuPG is just one implementation of the OpenPGP standard. There are others. > in their twenties so that it can be assumed, when in 10 years Google > and IBM have Quantum Computers, which make our classic encryption > like > ECC probably useless that then people may have a problem. Quantum computing has been ten years away since 1992, which is when I first heard about it. I would be extraordinarily cautious about believing the hype. Getting enough qubits together to form the necessary quantum logic is only a very small part of the overall picture. Read up on Grover's algorithm sometime, and think about just how unreasonable the requirements are: they're so unreasonable as to make the prospect of breaking crypto via Grover's actually _slower_ than the classical way. > I assume the worst case scenario that when Werner retires and starts > to enjoy life with his family and friends and let's say Andre would > change his career path who carries then the torch, so to speak? Who cares? Seriously. OpenPGP has survived as long as it has mostly by a miracle involving the diligence of a handful of people, but in many ways it's embarrassingly ... well, not obsolete. Definitely obsolescent, though. A cryppie at Johns Hopkins, Matthew Green, describes OpenPGP as a showcase of the best cryptographical techniques of the mid-1990s, and he's not wrong. Someday, we'll decide OpenPGP has done enough and should be retired. And that will be okay. I hope that someone else comes along and works on a newer standard using the best cryptographical techniques of the 2020s, and I hope this new standard breaks backwards compatibility with OpenPGP. Breaks it flagrantly, violently, and spectacularly. > So, ladies and gentlemen any thoughts or insights which can be > shared? Yeah. Less time worrying about how to make OpenPGP continue for another twenty years, more time spent about how to make a next- generation cryptographic tool that will occupy the same space OpenPGP did but will do it better and with more modern techniques. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users