Hi all, for any developer willing to use OpenPGP with a python developed application currently the main choice is to go with python-gnupg, that's a wrapper on top of GnuPG binary (https://pythonhosted.org/python-gnupg/).
That's architecturally a very bad choice, plenty of constraint (for example you need to enable "/bin/sh" execution under apparmor sandboxing profile of a python application under Linux). Currently there are only two pure-python OpenPGP implementation: * PGPy: https://github.com/SecurityInnovation/PGPy * OpenPGP-Python: https://github.com/singpolyma/OpenPGP-Python Both stacks rely on Python Cryptography for Cryptographic primitives implementations https://pypi.python.org/pypi/cryptography . We're considering switching away from GnuPG for the server-side PGP processing and would like to ask an opinion to the list about those implementations. Are there anyone engaging in metrics to evaluate the security of an OpenPGP implementation and/or already evaluated PGPy/OpenPGP-Python ? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
