Should GnuPG 1.4.x be revived?

Tue Jul 13 10:38:40 UTC 2010

On 07/13/2010 10:51 AM, Daniel P. Berrange wrote:
> On Tue, Jul 13, 2010 at 09:57:38AM +0100, Andrew Haley wrote:
>> On 07/13/2010 09:54 AM, Karel Klic wrote:
>>>
>>> several users of Emacs and one user of Vim complained in rhbz#574406 [1]
>>> that they can no longer use their editor to open and edit gpg-encrypted 
>>> files in Fedora 13.
>>>
>>> The reason is that GnuPG 1.4 was deprecated after Fedora 12 release, and 
>>> GnuPG 2 was introduced to replace it. However, GnuPG 2 is not entirely 
>>> compatible with GnuPG 1.4.
>>>
>>> I looked at GnuPG 2 and it seems that it would be very difficult to 
>>> modify Emacs and Vim to support it. GnuPG 2 does not allow to enter a 
>>> password using shell -- it needs entire terminal (as it uses ncurses 
>>> program pinentry-curses).
>>> Text editors can use only shell to send a password to GnuPG.
>>>
>>> What about reviving GnuPG 1.4? It is maintained, secure, supported, and 
>>> its integration into text editors is used extensively and works well. It 
>>> can live alongside GnuPG 2.
>>>
>>> What do you think? Any idea how to solve this issue?
>>
>> This one really must be addressed upstream.  It's absurd that GnuPG
>> doesn't work with GNU Emacs.  If needs be, Richard Stallman is quite
>> capable of knocking the maintainers' heads together.
> 
> That is certainly the good approach to get a long term solution for
> Fedora, but it isn't much use for people using Fedora 13 today who
> have broken gpg support. It sounds like a compat-gnupg14 package is
> a  reasonable approach to fixing this in Fedora 13 stable, and likely
> also Fedora 14 if  upstream don't get their act together quickly enough
> for that release.

Sure.  This sounds like the right approach for now.

Andrew.