Summary: Concerns about GnuPG's Koch facilitating or allowing practices that aren't secure and are even proprietary raise concern among privacy and security specialists; alternatives exist already
AS PER this previous post about integrity of encryption, we've decided to explore alternative encryption projects that are not Microsoft-controlled (in GitHub) and not participating in awkward schemes that are proprietary.
"...we’ve decided to explore alternative encryption projects that are not Microsoft-controlled (in GitHub) and not participating in awkward schemes that are proprietary.""Nettle is on self-hosted GitLab," it was noted. "Nettle isn't PGP though. It's a generic crypto library [written] in C."
"GnuPG develops in its own servers, I believe, [whereas] Sequoia is on GitLab"
Sequoia -- already with a slightly bad sign being the choice of host (centralised Gitlab) -- "looks like the only viable alternative right now," one person told us. "It lacks smartcard support but that should not be too much of an issue right now. The people behind Sequoia seem like genuine people that care about the user more than anything else. [...] I think Koch's actions are what made them break away from GnuPG in the first place."
It's important to remember the signature on this letter. A large number of these people work for companies that push non-free software and also develop on Microsoft servers (GitHub, NSA PRISM). ⬆