It’s so weird that gpg doesn’t have a good model for when there’s been multiple keys issued for one email address.

I later figured out an Emacs-specific solution, which is to edit mml-secure-key-preferences. Works for me 🤷🏻‍♀️

“Matthew Green and Ian Miers recently proposed puncturable forward secure encryption, which is a technique to add forward secrecy to OpenPGP-like systems. […]

Guidelines on how to approximate forward secrecy were published in 2001 by Ian Brown, Adam Back, and Ben Laurie. Although their proposal is only for an approximation of forward secrecy, it is significantly simpler than Green and Miers’ approach, and it works in practice.”

the commit that added SSH verification to Git core. this can be used instead of GPG.

gpg-tui is a Terminal User Interface for GnuPG

Useful when it came to troubleshooting and comparing against my own thing.