On Wed, Dec 13, 2000 at 01:56:21PM -0800, Myrddin muttered:
> Just like the subject says.
>
> I see on the mutt homepage that gnupg is recommended over pgp. Are there
> reasons for this beyond the whole 'use gnu whenever possible because of their
> licensing'? Or are there real, functional reasons behind choosing gnupg over
> pgp?
One reason is security. GPG is free software, PGP is captive. This means
you can get the GPG source, read it and compile it for yourself.
All very well, you may say, but I am not a programmer; I wouldn't know a
security hole if it lept out and bit me on the kneecap.
True enough, and I might add that even with more than 20 years experience
as a software engineer I have not looked at the source for GPG. But I can
rely on the fact that may other people, almost all of them outside the
development team, have already done so.
To paraphrase Eric Raymond's dictum in The Cathedral and the Bazaar, given
enough eyeballs, all security holes are shallow. And GPG has had far more
eyeballs go over it than recent versions of PGP.
--
-- C^2
No windows were crashed in the making of this email.
Looking for fine software and/or web pages?
http://w3.trib.com/~ccurley
