Questions about GPGME / GnuPG library

Taral taral at taral.net
Tue Dec 5 13:07:05 CET 2000


On  5 Dec, Werner Koch wrote:

>>  Personally, I'd like to have a gnupg library, not a wrapper
>>  around it. Really I don't undestand why it can not be done. It
> 
> Not again :-(

This is becoming a FAQ. For those who haven't looked at the archives,
this has been rehashed so many times as to be tiresome. GPG _cannot_ be
made a library because libraries do not provide sufficient security
guarantees. GPG very closely constrains its environment in order to
prevent any leakage of private key data, and it cannot do this as a
library. There are plans to produce a coprocess/service-type mode in GPG
which will enable programs to do what they need to do via an RPC-type
mechanism.

PLEASE don't ask for GPG to be a library. It's not going to happen.

-- 
Taral <taral at taral.net>
Please use PGP/GPG to send me mail.
"Never ascribe to malice what can as easily be put down to stupidity."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 248 bytes
Desc: not available
Url : /pipermail/attachments/20001205/717c0c71/attachment.bin


More information about the Gnupg-devel mailing list