On Wed, 4 Jan 2012 14:27, [email protected] said: > problem. Though gpg2.1 has lots of wonderful features, it IS a much > bigger, much more complex package. I've always liked the fact that
Not really. Sure it has some extra features like S/MIME but you can disable them. A benefit is, that it is modularized, This allows us to make changes in one module without affecting the stability of another module. The modules can be separately tested and due to the well-defined interface it is much easier to debug. > gpg1.4 can be built relatively simply, and the code-base looks That is true. But how many of you are using 20 years old Unix versions? Is it really justified to spend so much time on it? > downloading and building. People using gpg2 often have to rely on > third-party packagers. There is a Makefile in gnupg/scripts/gpg-w32-dev which can easily be adjusted for Unix systems. It builds GnuPG 2.x and all libraries. > expert, but I'd have thought that would be easier if deploying 1.4. > Perhaps that is wrong, and in fact people can have better confidence > in the new version. The code in 2.0 is quite better than the cruft we collected of many years in 1.4 ;-). > I suppose I'd imagined that once the ECC code was written it would > effectively be a module that could be integrated relatively easily > into the old code. I do understand if that's not the case, but there > are reasons why 1.4 is still so popular. Do you think those reasons I don't know why 1.4 is so popular. For a server, okay. But for a desktop, I really don't understand it. Even for a server 2.1 will be much better suited than the old 1.4. ECC is not just another plug-in algorithm but requires a lot more code. In Libgcrypt we can easily improve the performance, while doing this in 1.4 can not be justified. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
