Looking for GnuPG-compatible library for server application

Bernd R. Fix bernd at wauland.de
Sat Oct 20 13:35:40 CEST 2012

Hash: SHA256

Am 19.10.2012 22:34, schrieb Werner Koch:
> Technically this is not required.  GPGME has been designed to allow 
> running the engines as co-process, communicating over pipes with
> gpg. This has already been implemented for gpgsm (aka S/MIME), but
> not yet for gpg.  That plan is to also have gpg running as a
> co-process.  There is already some code in gpg to do this for verify
> but it needs to be extended.

Understood and I don't mind if the problem can be solved without a
linkable OpenPGP library - as long as the requirements are meet:

The server application uses 384-bit ECDSA/ECDH keypairs, so this
approach will also require some additional work on the GnuPG-2.1 release
itself (aside from making it possible to run it as a co-process within

Am I correct that each server thread requires its own GPGME/GnuPG
instance? If that is the case, it would be nice if instances can be
pooled as threads come and go frequently.

But to be honest: I am not sure if gpg2 (with the mandatory gpg-agent
instance to handle private keys) is suitable at all for a server
environment where there are some 20'000 *private* keys (and counting).
- From our experience gpg2 does not scale well with increasing number of
private keys (although I have to admit that the project uses a very
early GnuPG-2.1 implementation and not the latest from the unstable branch).

But maybe I shouldn't bother the whole list with such details and I will
try to explain our problems and requirements in a private email to
anyone willing to help.

>> Are any GnuPG developers willing to code such a library? The
>> project has
> My I race my hand ;-)

I appriciate your offer to help. I will describe the problem, financial
issues and timetables in a private email. I have to travel a lot the
next five days (including meetings), so I am not sure if I can send that
email before the next weekend. Hope you don't mind.

Cheers, Bernd.
- -- 

Wau-Holland-Stiftung                   W
Postfach 65 04 43              H O L L A N D
22364 Hamburg/Germany        S T I F T U N G

Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the Gnupg-devel mailing list