B3RN3D

Let your plans be dark and impenetrable as night, and when you move, fall like a thunderbolt.

Reasons to Let PGP Die #2: Web-of-Trust

In my continuing series of hate on PGP, I want to cover why PGP should die, using the web-of-trust as the example.

History of the WoT

PGP was invented in the early 90’s as a way of bolting security on top of the thoroughly insecure SMTP protocol. The web-of-trust was designed much like DNS was back then: distribute trust across multiple sources. But unlike DNS, which had a hierarchy of trust, PGP’s young idealist authors thought that we could decentralize trust entirely and let everyone build up their own trust network on the client side.

Social Graph


Here’s a graph, built from nothing but the signatures people have put on each other’s public keys, of all the people that have been in contact with each other:

Kill The Keyservers

For people who already share everything on Facebook, this is in line with their OPSEC: share everything and don’t worry about privacy. But for those of us who would actually like to maintain some privacy, and ideally some sort of pseudonymity, this is a deal breaker.

Not only is this a graph of all the people you’ve met; the keyserver operator can also log everyone who downloads your particular key. Even if that person isn’t contributing to the WoT, the fact that they fetched your key from the keyserver is a strong hint that the two of you intend to communicate.

Fixes?

This is one of the primary reasons PGP should die. If you decide not to use a keyserver such as MIT’s, thereby staying out of the WoT, you have nowhere to publish your PGP key and no way to look up whether someone else’s key exists. Keyservers aren’t part of the OpenPGP message format itself, but in practice they are a crucial element of how PGP gets used.

You can, however, decide not to use keyservers at all if you already have an established channel of communication outside of email. If you have a website, a business card, or some other out-of-band channel, you can publish your public key (or at least its full fingerprint) there.
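That out-of-band route still needs one check done properly: the key you download from the website has to match the fingerprint you got from the other channel, and the comparison has to use the full fingerprint, not a short key ID. The following is an added example (mine, not code from the post) that does that check with no keyserver involved. Everything it needs is constructed inline: the “downloaded” key is a made-up v4 RSA public-key packet with a placeholder modulus, armored by the script itself, and the “business card” fingerprint is whatever the script prints for it.

```python
"""Check a key published out of band against a fingerprint you trust,
with no keyserver involved.

Added example, not from the original post. build_demo_public_key() makes a
constructed v4 RSA public-key packet with a placeholder modulus (NOT a real
key); armor() stands in for the copy a website would serve."""
import base64
import hashlib
import hmac
import re
import struct


def _mpi(n):
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian magnitude."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")


def build_demo_public_key():
    """Constructed tag-6 packet (old-format header, 2-byte length):
    version 4, creation time, algorithm 1 (RSA), MPI n, MPI e."""
    n = int("C0FFEE" * 42, 16)  # placeholder number, NOT a real RSA modulus
    body = b"\x04" + struct.pack(">I", 1_600_000_000) + b"\x01" + _mpi(n) + _mpi(65537)
    return b"\x99" + struct.pack(">H", len(body)) + body


def _crc24(data):
    """CRC-24 from RFC 4880 section 6.1 (the armor checksum line)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor(packet):
    """ASCII-armor a key the way a web page would serve it."""
    b64 = base64.b64encode(packet).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc = base64.b64encode(_crc24(packet).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP PUBLIC KEY BLOCK-----", ""] + lines
                     + ["=" + crc, "-----END PGP PUBLIC KEY BLOCK-----", ""])


def dearmor(text):
    """Strip armor, verify the CRC-24 line, return the raw packet bytes."""
    m = re.search(r"-----BEGIN PGP PUBLIC KEY BLOCK-----\n(.*?)\n-----END PGP PUBLIC KEY BLOCK-----",
                  text, re.S)
    if not m:
        raise ValueError("no public key block found")
    lines = m.group(1).split("\n")
    if "" in lines:  # armor headers (if any) end at the first blank line
        lines = lines[lines.index("") + 1:]
    data = base64.b64decode("".join(l for l in lines if l and not l.startswith("=")))
    crc_lines = [l for l in lines if l.startswith("=")]
    if crc_lines and int.from_bytes(base64.b64decode(crc_lines[0][1:]), "big") != _crc24(data):
        raise ValueError("armor checksum mismatch: download corrupt or tampered")
    return data


def public_key_body(data):
    """Parse the first packet header (RFC 4880 section 4.2); return the body of a
    v4 public-key packet. Anything else is rejected rather than hashed blindly."""
    first = data[0]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet")
    if first & 0x40:  # new-format header
        tag, l1 = first & 0x3F, data[1]
        if l1 < 192:
            length, off = l1, 2
        elif l1 < 224:
            length, off = ((l1 - 192) << 8) + data[2] + 192, 3
        elif l1 == 255:
            length, off = struct.unpack(">I", data[2:6])[0], 6
        else:
            raise ValueError("partial body lengths not supported")
    else:  # old-format header: tag in bits 5..2, length-type in bits 1..0
        tag, size = (first >> 2) & 0x0F, {0: 1, 1: 2, 2: 4}.get(first & 0x03)
        if size is None:
            raise ValueError("indeterminate length not supported")
        length, off = int.from_bytes(data[1:1 + size], "big"), 1 + size
    if tag != 6:
        raise ValueError(f"expected public-key packet (tag 6), got tag {tag}")
    body = data[off:off + length]
    if len(body) != length or body[0] != 4:
        raise ValueError("truncated packet or unsupported key version")
    return body


def fingerprint(data):
    """v4 fingerprint (RFC 4880 section 12.2): SHA-1 over 0x99, 2-byte length, body."""
    body = public_key_body(data)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def matches_business_card(key, printed):
    """True iff the fetched key's full 40-hex fingerprint equals the printed one.
    Spaces and colons are tolerated; anything shorter than a full fingerprint
    (a 32- or 64-bit key ID) is refused, since short key IDs are easy to forge."""
    wanted = re.sub(r"[\s:]", "", printed).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", wanted):
        return False
    data = dearmor(key) if isinstance(key, str) else key
    return hmac.compare_digest(fingerprint(data), wanted)


if __name__ == "__main__":
    downloaded = armor(build_demo_public_key())  # stands in for the website copy
    print(fingerprint(dearmor(downloaded)))
```

Point `dearmor()` at the text you actually fetched and `matches_business_card()` at the fingerprint you read off the card; a `False` or a checksum error means you stop and ask the person, not that you import the key anyway. Everything the keyserver would have told you (who signed it, who else fetched it) is simply absent, which is the privacy win the section above is after.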