[gnutls-dev] OpenCDK comments

Simon Josefsson simon at josefsson.org
Fri Apr 20 14:42:53 CEST 2007


I looked over OpenCDK HEAD and some comments:

* Can't we officially deprecate keygen.c and its interfaces, in the
  same way that the trustdb.c interfaces have been deprecated?  I'd
  rather recommend people to use GnuPG to generate OpenPGP keys,
  especially since GnuTLS doesn't have a command-line interface for
  OpenCDK to generate keys.

* Is the keyserver stuff needed?  It seems limited compared to the new
  GnuPG keyserver stuff.  I'm not sure GnuTLS ever needs this
  functionality.  I think the best solution is to use GnuPG's
  keyserver infrastructure instead.  I think we could deprecate this
  too.

* I'd recomment that we use gnulib for CRC, Base64, several misc.c
  functions, etc.

* Does keydb.c implement some disk-format for key databases?  Is it
  the GnuPG format?

* We probably should review the libgcrypt init code to make sure it
  doesn't conflict with how GnuTLS initialize libgcrypt.

* Where is stream-socket.c used?  keyservers?  Maybe it could be
  removed too, if keyserver stuff is removed.

/Simon




More information about the Gnutls-devel mailing list