I recommend using ECC 25519 in README because of RSA's massive and slow keys. It is secure, fast, and widely used today.
GPG is not 'anti-goal'. It is about security and anti-surveillance.
You misunderstand me — “cryptoagility” is an anti-goal today. OpenPGP was designed for “cryptoagility”, so it runs against modern cryptographic engineering principals. This is yet another reason why OpenPGP is bad.
I agree curve25519/ed25519 is what you want to use, that’s why I recommended a modern cryptography library like NaCl and Saltpack for encoding. Not OpenPGP.
It’s not enough to not recommend RSA, a good cryptosystem doesn’t support bad algorithms. Really you shouldn’t recommend anything, because users have no clue. You simply abstract sensible params for the user.
reply