Opmsg - gpg replacement

thoughts and / or experiences?

1 Like

no experience with it, sure looks good from initial read though and worth testing.

dev’s blog is a good read, going to look at drops and harddns too.

We tried it last year and planned to write an article about it. However, it is even more complicated than GPG itself, it offers legacy crypto, uses insecure ciphers by default (AES with CBC mode), and there is nearly no development (https://github.com/stealth/opmsg/graphs/code-frequency).

AFAIK, there is also no independent security audit or any other audit.

General recommendation: Use well-known and audited software only, especially when it comes to security software.

1 Like

so what its good or no ? xD