Why not use something more modern?
Regarding age, one reason is that it only supports a small fraction of PGP functionality thus useless for many real world applications. Another is that it operates on top of a fundamentally different model and for many folks that model is worse and potentially less secure than PGP's if you try to replicate PGP functionality by composition [1].
Modern doesn't necessarily equal good. PGP is mature and solid which is why it's still widely used and remains popular.
[1] https://neilmadden.blog/2019/12/30/a-few-comments-on-age/
This does not mean I think PGP is great, it just means it is working now, across many MUAs.
To me, "old and clunky" also tends to imply "memory unsafe", or "written in Perl so old that a pipe filter in the wrong place in the input coughs up a shell", or "better make sure nobody's name is O'Connor because that includes SQL metadata", or "lol remember temp file races". But I'm prepared to concede that there may be places where the old stuff is better than the new, and eager to hear examples.
Sure in theory you could encrypt your email with age, but how many clients support that flow? How do you distribute the public keys?
Part of the point of sequoia as I understand it is to make PGP a little less clunky and easier to use safely.
https://docs.sequoia-pgp.org/sq/index.html
The sub commands feel like they are pretty much self-explanatory to me, e.g., encrypt, decrypt, verify are pretty clear in what they will do, and the options for those sub-commands seem not to cryptic either to me, but that's naturally a bit opinionated.
Besides that the initial release news article of the sq tool has some quick demo: https://sequoia-pgp.org/blog/2021/01/26/202101-sq-release/
What would be your use cases for sq?
nice.
Perhaps coincidentally, on PGP 30th birthday!
I don't even mind the GPL, in fact most of the code I've ever written is GPL. But there are plenty of projects for which I would prefer a different license.
