> I absolutely fail to see why any change to the licensing is required. > After all, this is a JS library. You can source it from anywhere and > with that fulfill LGPL with any project. I see no pro argument here.
Fair enough... > Specifically, why would you need to do OpenPGP in JS for iOS devices at > all? It should be obvious that native code is always preferred when > doing crypto, and iOS apps are native code. Native code is probably the best solution in terms of performance, yes. But would writing a custom native app for each paltform really be more secure? Being able to cover all platforms with a single codebase has its advantages in terms of security. There is less code to maintain and with that less room for implementation flaws. Of corse you could just encapsulate all relevant application code in a portable C/C++ and only do the GUI with platform specific code. But you would still always have more development overhead for each platform, than with one HTML/JS application. Im not saying the suggested solution covers all requirements in the best possible form. But I think the solution emphasizes simplicity. Also I simply dont have the resources to write a custom app for each platform. Rather than not covering a platform at all, Id rather offer A solution than no solution. But you're welcome to disagree with me on this. Tankred
_______________________________________________ http://openpgpjs.org
