free software

Werner Koch wk at gnupg.org
Fri Oct 18 14:49:02 CEST 2002


On Fri, 18 Oct 2002 11:52:42 +0200, 5468696A6D656E  said:

> Why not add project files for all compilers to this project?
> What's against it? The work involved? If it had been set up as a

We have a build system and GnuPG can be build on hundreds of different
platforms.  If you want something else, just do it - this is the core
of Free Software.

The other side of the story is that we only maintain GnuPG in the way
we like it.  And for sure I never use an proprietary stuff.

> If you really want to spread strong crypto to everyone,
> make it truely free. Add more windows and mac support, add project
> files for all major compilers on those platforms. I don't care which platform

99.9 % of all Windows user won't be able to build it even with these
project files, thus we provide binaries for them.  So what?

And why do you want to build it with a *closed* toolchain and a
*closed* OS.  They can build anything out of the Free source and you
won't be able to even check what they did.  This is the reason why I
build it on a Free OS using a Free toolchain which hopefully has no
backdoors.  The tools are all available, everyone can build it.  If a
user does not know how to work with Makefiles and such I have severe
doubts that he has a chance to change anything in the GnuPG code base
without introducing security problems.  If you want to be 100% sure,
audit the OS and the toolchain in addition to GnuPG.

See Thompson's "Reflection on Trusting Trust".  IIRC, it is freely
available at the ACM's website under "Classics" or so


Shalom-Salam,

   Werner





More information about the Gnupg-devel mailing list