The #39C3 “To sign or not to sign” (https://gpg.fail) talk is excellent. 👏

IMHO: Avoid PGP altogether, especially #GnuPG. Avoid memory unsafe programming languages, wherever feasible.

It is mind boggling, that the gpg team / g10 Code GmbH refuses to fix all vulnerabilities, given that their @bsi certification and thus their business model being at risk.

Also goes to show, that BSI certifications are worthless. Quel surprise?