coping with unknown keywords on --status-fd

Werner Koch wk at
Sat Sep 17 10:26:35 CEST 2016

On Fri, 16 Sep 2016 22:39, dkg at said:

> This is a lot like the "critical" flag in OpenPGP subpackets.  I

Indeed, however this is not really helpful because the most common
problem are wrong implementations and not missing new keywords.  Anyway,
if we want to do an backward incompatible change (which is what the
introduction of a '!' means) we have easier way to do that.  The
simplest would be to renamed the --status-fd option or to rename
expected status keywords.

> I'm in the process of doing a bunch of triage of consumers of this API
> within debian, and complete+successful implementations are unfortunately
> rare.

Thanks for doing that.  At our telco yesterday we briefly talked about
audits of GnuPG consumers and we consider this a Good Thing; with the
only problem that we have not enough time to do that.  I would
appreciate if you make your results availabale, so that we can write a
small HOTO on proper use of gpg by scripts and applications.

> Having a concise overview of these sort of concerns for implementers to
> review would be really helpful.  Should i advise these projects that
> they should fail/abort on encountering !-prefixed unknown status lines

You may instead want to point them to GPGME instead.  This library makes
many things easier.  Support for 2.1 feature is GPGME close to ready.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 162 bytes
Desc: not available
URL: </pipermail/attachments/20160917/0a32dc67/attachment.sig>

More information about the Gnupg-devel mailing list