gnutls + openpgp

Nikos Mavrogiannopoulos n.mavrogiannopoulos at
Sun Nov 4 12:05:04 CET 2012

On 11/03/2012 10:01 PM, Richard Moore wrote:

> On 3 November 2012 19:26, Nikos Mavrogiannopoulos <nmav at> wrote:
>> And even more, if it is shown they are not widely used, does it make
>> sense to support openpgp keys in gnutls at all?
> If they're not used, then supporting them simply means gnutls has a
> bigger attack surface for no benefit.

This is not really true. One needs to specifically enable the openpgp.
That codebase doesn't affect an application which is only using the
X.509 part of gnutls. The main concern IMO, is the maintenance cost, and
it'd be better not to have it if there are no users of the subsystem.


More information about the Gnutls-help mailing list