support for non-openpgp cards
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Nov 20 07:40:10 CET 2004
Simon Josefsson <jas at extundo.com> writes:
>Then we could try to fix those buggy implementations, and improve the
>specification.
That'll never happen. Many vendors won't even *respond* to bug reports, let
alone try and fix them. If you're a major customer and you have a showstopper
bug you can probably get it fixed if sales are hinging on it, but that's about
it.
(OK, all vendors aren't that bad, particularly if you can figure out how to
get past their wetware firewalls to the techies, but in general it doesn't
look good).
>Meanwhile, a realistic way forward might be to write clean code that rely on
>unambiguous APIs, and move the bug workaround ugliness into some library that
>talks with the drivers.
Urgh, then you end up with a huge pile of mapping layers, one for each driver
version (not just driver vendor, but individual driver version). The way to
do this is to write lowest-common-demoninator code that works for most
drivers. As I mentioned in a previous message, I've already done this for
almost everything that's out there.
>Then ideally, over time, as implementations are improved,
This assumes that implementations will improve over time.
Peter.
More information about the Gnupg-devel
mailing list