Bernd's comments on GPGME
Werner Koch
wk@gnupg.org
Wed Jul 23 16:11:04 2003
On Mon, 21 Jul 2003 19:14:01 +0200, Bernd Eckenfels said:
> great manpower in Werner's company and even the community here in the lists
> have not convinced me, that GPG could have repeated the success of 2.6 PGP.
I don't see a success of PGP 2 anywhere else except in the cyberpunks
community and its neighborhood. Same thing for OpenPGP of course.
However, we now have a standard and multiple implementations of
OpenPGP so there must be some value in the products. I know a couple
of very large companies, using OpenPGP to protect their internal
communications. Ever asked yourself why Glueck&Kanja developed their
own OpenPGP implementation (CryptoEx) or why GnuPG is working under
the hood of a lot of other products (e.g. by Utimaco or GENUA)? At
least in the Unix world OpenPGP is heavily used for not always visible
purposes.
> This may be due to the complicated OpenPGP, this may be due to some
> license
OpenPGP isn't complicated. We have the luck that it is based on a
working implementation and not a protocol thrown together from
different vendors' implementations to create a committee standard.
BTW, PGP 2 has a couple of design flaws and no specification allowing
to write compatible applications. Watch out for all the kludges in
GnuPG to make it compatible with the different versions of PGP 2-7.
> And with Crypto libs like bouncy castle or cryptix, at least in Java there
> is no need for such a command line wrapping.
You are talking about command line wrapping. It seems that you did not
understand the goal of GPGME: That command line wrapping (as you call
it; despite that this is a basic Unix feature) is something internal
to GPGME; an application doesn't need to care about it. We can at any
time switch to an alternative IPC method and we actually did this
already for gpgsm - the GPGME aware application does not know about
it but gains improvements when we change to a more performant way of
internal communication. Hard linking of libraries is not always a
sound decision. Small and independently testable modules do have
their advantages. Nevertheless, the fork/exec approach does not
create a performance penalty for the majority of applications.
Salam-Shalom,
Werner
--
Werner Koch <wk@gnupg.org>
The GnuPG Experts http://g10code.com
Free Software Foundation Europe http://fsfeurope.org