Should GnuPG 1.4.x be revived?

Toshio Kuratomi a.badger at gmail.com
Tue Jul 13 15:52:11 UTC 2010


On Tue, Jul 13, 2010 at 10:54:06AM +0200, Karel Klic wrote:
> Hi,
> 
> several users of Emacs and one user of Vim complained in rhbz#574406 [1]
> that they can no longer use their editor to open and edit gpg-encrypted 
> files in Fedora 13.
> 
> The reason is that GnuPG 1.4 was deprecated after Fedora 12 release, and 
> GnuPG 2 was introduced to replace it. However, GnuPG 2 is not entirely 
> compatible with GnuPG 1.4.
> 
> I looked at GnuPG 2 and it seems that it would be very difficult to 
> modify Emacs and Vim to support it. GnuPG 2 does not allow to enter a 
> password using shell -- it needs entire terminal (as it uses ncurses 
> program pinentry-curses).
> Text editors can use only shell to send a password to GnuPG.
> 
> What about reviving GnuPG 1.4? It is maintained, secure, supported, and 
> its integration into text editors is used extensively and works well. It 
> can live alongside GnuPG 2.
> 
> What do you think? Any idea how to solve this issue?
> 
Having gpg1 and gpg2 seems reasonable to me.

Note, though, that the problem is slightly more limited in scope.  At least
with vim, if you have an X display, gpg2 will invoke the graphical pinentry
where you can enter your passphrase and go about your business.

Plain console, remote sessions that are not allowed to send the graphical
window back to the local session, and systems that don't have the graphical
pinentry programs installed will all experience this problem, though.

-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20100713/443e7c46/attachment.bin 


More information about the devel mailing list