Hello to all, the other day I was thinking about whether it might be time to replace GPG with another backend. age [1] is written in Go, seems to follow a similar philosophy as e.g. WireGuard (reasonable algorithms, no unnecessary configuration, ...) and is accepted by the community (about 12.7k stars on Github, if that means anything) and is open source and free. In the past, there have been two discussions on this mailing list about replacing GPG [2, 3]. At that time the discussion was stopped due to lack of alternatives. Now we have an alternative. A project that is 100% compatible with pass and has age as an optional backend is gopass [4]. However, in my opinion, the developers of gopass have overdone it and developed a software monolith that is far too complex.
So: what do you think about the idea of replacing GPG with age as an encryption backend? P.S.: when age was designed, one of the goals of the developers was to become a backend of pass [5] :) (but I'm not sure how actual this goal is today). [1] https://github.com/FiloSottile/age [2] https://lists.zx2c4.com/pipermail/password-store/2019-August/003732.html [3] https://lists.zx2c4.com/pipermail/password-store/2020-October/004280.html [4] https://www.gopass.pw/ [5] https://docs.google.com/document/d/11yHom20CrsuX8KQJXBBw04s80Unjv8zCg_A7sPAX_9Y/view
