Changing encryption backend (discussion)

pass-maillinglist at pass-maillinglist at
Wed Jan 18 09:16:20 UTC 2023

Hello to all,

the other day I was thinking about whether it might be time to replace GPG with
another backend. age [1] is written in Go, seems to follow a similar philosophy
as e.g. WireGuard (reasonable algorithms, no unnecessary configuration, ...) and
is accepted by the community (about 12.7k stars on Github, if that means
anything) and is open source and free. In the past, there have been two
discussions on this mailing list about replacing GPG [2, 3]. At that time the
discussion was stopped due to lack of alternatives. Now we have an alternative.
A project that is 100% compatible with pass and has age as an optional backend
is gopass [4]. However, in my opinion, the developers of gopass have overdone it
and developed a software monolith that is far too complex.

So: what do you think about the idea of replacing GPG with age as an encryption

P.S.: when age was designed, one of the goals of the developers was to become a
backend of pass [5] :) (but I'm not sure how actual this goal is today).


More information about the Password-Store mailing list