On Thu, 11 Jan 2024 at 14:36, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > > Stop making a bad pgp experience even worse - for no reason and > absolutely zero upside. Side note: even getting gpg to show the subkeys was just an exercise in frustration. For example, I'd expect that when you do gpg --list-key E76040DB76CA3D176708F9AAE742C94CEE98AC85 it would show the details of that key. No, it does not. It doesn't even *mention* that key. Because this is gpg, and the project motto was probably "pgp was designed to be hard to use, and by golly, we'll take that to 11". And no, adding "-vv" to get more verbose output doesn't help. That just makes gpg show more *other* keys. Now, obviously, in order to actually show the key I *asked* gpg to list, I also have to use the "--with-subkey-fingerprint". OBVIOUSLY. I can hear everybody go all Homer on me and say "Well, duh, dummy". So yes, I realize that my frustration with pgp is because I'm just too stupid to understand how wonderful the UX really is, but my point is that you're really making it worse by using pointless features that actively makes it all so much less usable than it already is. Subkeys and expiration date make a bad experience worse. Yes, I blame myself for thinking pgp was a good model for tag signing. What can I say? I didn't expect people to actively try to use every bad feature. Linus