Your Thoughts

Andrew Gallagher andrewg at
Mon Jul 1 16:38:22 CEST 2019

On 2019/07/01 15:13, Stefan Claas via Gnupg-users wrote:
> I agree with Professor Green. Maybe he and his students can
> program a POC something more simple, preferably in Golang and
> while using the NaCl* library.

Golang? Not Rust? :-P

I do find it odd how many projects make such a big deal of what language
they're written in. It shouldn't matter what language you use so long as
it works (and is memory safe).

> There was back then no Enigmail or other
> MUA plug-ins and you could simply copy and paste your messages.

Who wants to copy and paste messages? That's soooo 1995.

> A real "modern" GnuPG should be IMHO the same as PGP was GUI based
> back then. The GUI could be also cross-platform QT based, for
> example.

You can't script a GUI, but you can GUI a CLI - and there is no shortage
of decent GUI interfaces for GnuPG.

> I also don't understand why GnuPG needs so many components, like
> pinentry, dirmngr and gpg-agent plus GnuPG itself, while MacPGP
> from Mr Zimmermann was only one program.

Most of those are separate because of security concerns. Monolithic
systems may look simpler from the outside, but they're often a bucket of
bolts on the inside. Role separation is your friend.

> *And regarding key formats, standards, RFC's etc. my new NaCl
> (pronounced salt) pub key which I use now with friends for email
> communication looks like this :-) :

Yes, it is possible to make very short public keys by stripping all
non-mathematical information and using ECC (SSH's ECC keys are similarly
terse). I'm skeptical of the long-term safety of ECC though (the NSA
appears to agree[1]) so while it may be worth using for session keys I'm
not going to trust it with my long-term identity. And the
non-mathematical information has its uses if you're maintaining any sort
of PKI.


Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list