Usability of OpenSSL vs GNUPG
bex at pobox.com
Sun Dec 15 17:41:30 CET 2019
On Sun, Dec 15, 2019, at 2:05 AM, Dave via Gnupg-users wrote:
> I’ve been playing around some with OpenSSL recently, and it seems to me
> that the OpenSSL command structure is rather convoluted. I’ve read a
> number of articles, blog posts, etc. that criticize GNUPG and even make
> the case that people should stop using it, in large part because of
> concerns around the GNUPG command structure and general usability.
Most of the criticism I have seen is that it is difficult for the target users of a specific use case to use gpg effectively to protect themselves. This is things like message/email encryption/verification.
> I can’t recall encountering any similar complaints about OpenSSL. I
> find this somewhat curious, and am wondering if there are OpenSSL
> detractors out there that I simply haven’t come across or if the
> OpenSSL command structure isn’t as complicated as it seems to me. Or if
> it seems to others that OpenSSL doesn’t get the same level of criticism
> as GNUPG does for usability, although the tools seem to offer a
> generally similar user experience.
I haven't seen OpenSSL pitched as the GPG replacement here, possibly for the reasons you cite. Mostly I see, use application X (Signal, etc.) and don't believe email can reasonably be secured without ALL parties being "experts" at GPG. The one use case no one seems to have a replacement for is "encrypt this file on disk for me to use later."
> I suppose that OpenSSL is geared toward a very technical and
> security-aware user base, who aren’t likely to complain about usability
> issues – while GNUPG is a tool that could be used by all sorts of
> users, some of whom are definitely not technically inclined or
> interested in details of information security. That alone could explain
> the difference, I suppose. But I’m wondering if anyone has any other
> thoughts around this topic.
My understanding is that most people encounter OpenSSL configured by someone else who is presumably a technical expert.
What usecases do you have in mind?
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
More information about the Gnupg-users