On 17/12/2019 14:55, Robert J. Hansen wrote: > One of my repeated complaints about GnuPG is that nobody can agree on > what it is. Is it a toolkit for building bespoke cryptographic > solutions? Is it an RFC4880 implementation meant for end-users? Is it > an RFC4880 implementation meant for MUAs? Is it... > > A lot of the things you're (rightly, I think) criticizing are the result > of this clouded vision of what GnuPG is meant to do. In the course of > trying to be all things to all people it's occasionally being very > annoying.
One of my frustrations has long been that the design is inverted - the core utility is the fully-featured CLI (gpg), and the wrapper interface is the reduced-featureset API (gpgme). This is a reflection of its history, especially PGP backwards-compatibility, but causes problems when trying to use it as a component in a larger system. Unfortunately, refactoring it to be a fully-featured API with a reduced-featureset and/or backwards-compatible CLI is a project so overwhelming that I'm sure nobody wants to take it on... -- Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
