Future OpenPGP Support in Thunderbird

Patrick Brunschwig patrick at enigmail.net
Thu Oct 17 17:40:03 CEST 2019


Binarus wrote on 16.10.2019 17:37:
> 
> 
> On 16.10.2019 13:07, Patrick Brunschwig wrote:
>> worry for me. The main problem is the additional complexity that it
>> brings if you require an external component that you cannot *fully*
>> control. This covers topics like different behavior of different
>> versions, but also configuration issues, users rights to install
>> something on their PC and more. Gpgme may handle some of these issues,
>> but the fact remains: an external component makes things a lot more
>> complex, especially for support.
> 
> I think this is the usual trade-off. One has to put time
> 
> - either in understanding the APIs and command line parameters of a
> library / utility, and to keep up with changes, or
> 
> - in re-inventing the wheel, which in this case for sure will cost much
> more time and eventually produce catastrophic security breaches and
> software which is drastically inferior compared to what we have now.
> 
> After all, everybody uses libraries and utilities. It is just reasonable
> to have an expert work on a library or utility which uses techniques and
> mathematical stuff which non-specialists never will understand in
> detail, and have the non-specialists use that library or utility,
> instead of letting them re-develop the same stuff, probably introducing
> all sorts of security flaws and producing inferior software.
> 
> When I have a bash script under Linux which invokes a compiler using a
> complicated command line, I wouldn't come to the idea to re-develop that
> compiler and integrate it directly into bash because that compiler's
> command line switches could change in the next version ...
> 
> I am still convinced that re-writing GnuPG (including all functions like
> hardware tokens, subject encryption etc.) in a secure manner is a
> hundred times more complex and a million times more error-prone than
> tracking a few changes to its command line switches or error codes ever
> could be. Apart from that, there is GpgME, as already has been stated.

In all cases, we certainly won't re-write GnuPG or similar. The question
on the table is: do we continue to use GnuPG (be it directly or via
gpgme), or do we use a different OpenPGP implementation (and if yes
which one). There are certainly good arguments for both.

-Patrick



More information about the Gnupg-users mailing list