Hello Wilders,

I no longer use GPG/PGP when sending e-mails. I don't think the encryption algorithm or any open source implementation is in any way broken or compromised. However, the entire concept and idea itself has problems.

GPG/PGP use perpetual keys. When you set up GPG/PGP, you generate a private key from which the public key is derived. This is both secure and the fundamental problem. Unlike OTR, which has perfect forward secrecy with the inclusion of ephemeral keys negotiated per exchange using DH, since your private and public keys remain the same for every message, adversaries will be able to save all of your cryptographic text until they can finally obtain your private key (by whatever means necessary). This means, even if your messages are secure today, if someone steals your private key, your messages will not be secure tomorrow.

In today's personal computing environment, simple malware (with the help of keyloggers for private keys locked by passphrase) makes getting others' private keys trivial.

So I don't use GPG/PGP. It's a false sense of security. You should assume your emails, whether GPG encrypted or plain text, can and will be read. It's no different from a basic public forum (except worse since in an e-mail message, many times, there are two e-mail server operators instead of just one forum operator).

Recommending GPG/PGP is not the answer. Use OTR and don't look back.
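The contrast the post draws between one long-term decryption key and per-exchange DH keys, as an added example that is not part of the original post. It is a toy model: the modulus `2**255 - 19`, the SHA-256 keystream and every function name are assumptions made for illustration, and the signature that a long-term key would place on the ephemeral values in an OTR-style exchange is omitted.

```python
import hashlib
import secrets

P = 2**255 - 19   # toy prime modulus (assumption); not a vetted DH group
G = 2

def keypair():
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def kdf(shared):
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def xor_stream(key, data):
    # Toy keystream (SHA-256 over key + offset), for demonstration only.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def static_send(recipient_pub, msg):
    # Long-term-key model: every message is encrypted to the same public key.
    r, R = keypair()
    return R, xor_stream(kdf(pow(recipient_pub, r, P)), msg)

def static_open(recipient_priv, wire):
    R, ct = wire
    return xor_stream(kdf(pow(R, recipient_priv, P)), ct)

def ephemeral_session(msg):
    # Per-exchange model: both sides use fresh DH keys and discard them afterwards.
    a, A = keypair()
    b, B = keypair()
    key = kdf(pow(B, a, P))            # the other side derives the same key from pow(A, b, P)
    ct = xor_stream(key, msg)
    del a, b, key                      # models erasing the session secrets
    return A, B, ct                    # everything an eavesdropper can record

def readable_after_theft(stolen_priv, recorded_pubs, ct, msg):
    # Try the stolen long-term key against each recorded public value.
    return any(xor_stream(kdf(pow(pub, stolen_priv, P)), ct) == msg
               for pub in recorded_pubs)

def simulate(msg=b"constructed sample message"):
    lt_priv, lt_pub = keypair()        # recipient's long-term key, stolen later
    R, ct_static = static_send(lt_pub, msg)
    A, B, ct_eph = ephemeral_session(msg)
    return (readable_after_theft(lt_priv, [R], ct_static, msg),
            readable_after_theft(lt_priv, [A, B], ct_eph, msg))
```

`simulate()` returns a pair: whether recorded traffic becomes readable once the long-term private key is stolen, first for the long-term-key model and then for the per-exchange model.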