Christoph, we are using a mutt here with gpgme for a long time (several years) and it is stable. Can you be more specific about the problems that block adding gpgme support?
As for the priority, I guess a raise in priority could be considered for two reasons: a) AFAIR mutt does not see the password if gpgme is used, thus this is security in depth by seperating components. E.g. if mutt has the passphrase, it probably will be swapped out to disc, while gpg-agent tried hard to avoid this (though does not always succeed). b) gpgme uses gpgsm for s/mime which has good defaults for using CRLs and really evaluating the trust chain. Again AFAIR openssl is more difficult and harder to configure to do this. (As an example what can happen if no mechanism like CRLs are used, see the problem that CAs now face after the Debian Openssl desaster it would be way better if CRLs would be checked.) Best, Bernhard -- Managing Director - Owner: www.intevation.net (Free Software Company) Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com. Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998 Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
pgp7uoaD0xwBl.pgp
Description: PGP signature