[$] Responses to gpg.fail

At the 39th
Chaos Communication Congress (39C3) in December, researchers Lexi
Groves (“49016”) and Liam Wachter said that they had discovered a
number of flaws in popular implementations of OpenPGP email-encryption standard. They also released an
accompanying web site, gpg.fail, with
descriptions of the discoveries. Most of those
presented were found in GNU Privacy
Guard (GPG), though the pair also discussed problems in age,
Minisign, Sequoia, and the OpenPGP
standard (RFC 9580) itself. The discoveries have spurred some interesting
discussions and as well as responses from GPG and Sequoia
developers.