samatman

It's worth noting that my use of GPG is completely disjoint from everything moxie discusses here.

I use GPG to sign things. Git commits, mostly, but I've used it to sign legal documents as well, and a small grab-bag of other cases.

Is it the best for this application? It is not. Many of the objectionable aspects of the PGP standard apply to signing as well.

But also, yes, it is: it's supported by GitHub and GitLab, and if any other way of signing commits is supported, I'm not aware of that.

I'd be happy to switch to a better, modern cryptosystem for signing things, if it were adequately supported.

What I never do, is use GPG for encrypted communication. Given moxie's particular claim to fame, I don't blame him for focusing on that application, and he is (of course) correct: if you're using GPG to communicate 'securely', stop.

da_big_ghey
A promising contender to "replace" GPG in which you might be interested is age: https://github.com/FiloSottile/age

It's based on ChaCha20-Poly1305 AEAD and the author is well respected in the crypto community.