Usability of OpenSSL vs GNUPG

Andrew Gallagher andrewg at
Tue Dec 17 16:09:40 CET 2019

On 17/12/2019 14:55, Robert J. Hansen wrote:
> One of my repeated complaints about GnuPG is that nobody can agree on
> what it is.  Is it a toolkit for building bespoke cryptographic
> solutions?  Is it an RFC4880 implementation meant for end-users?  Is it
> an RFC4880 implementation meant for MUAs?  Is it...
> A lot of the things you're (rightly, I think) criticizing are the result
> of this clouded vision of what GnuPG is meant to do.  In the course of
> trying to be all things to all people it's occasionally being very
> annoying.

One of my frustrations has long been that the design is inverted - the
core utility is the fully-featured CLI (gpg), and the wrapper interface
is the reduced-featureset API (gpgme). This is a reflection of its
history, especially PGP backwards-compatibility, but causes problems
when trying to use it as a component in a larger system. Unfortunately,
refactoring it to be a fully-featured API with a reduced-featureset
and/or backwards-compatible CLI is a project so overwhelming that I'm
sure nobody wants to take it on...

Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list