PGP encrypts to a recipient’s public key and signs with the sender’s private key, requiring no provider in the trust path. Its strongest current uses are file encryption and verifying software release signatures.
The costs are metadata and key handling: recipients, timestamps, and usually subjects stay readable in mail, and long-lived keys concentrate risk. The basics guide covers keys, signing, and verification workflow.