Date: Thu, 7 Dec 2017 22:15:59 +0100 From: Peter Bex <peter@...e-magic.net> To: oss-security@...ts.openwall.com Subject: Re: Recommendations GnuPG-2 replacement On Thu, Dec 07, 2017 at 10:01:34PM +0100, Solar Designer wrote: > On Thu, Dec 07, 2017 at 03:15:06PM +0000, Jeremy Stanley wrote: > > Sounds like my use case is likely not your use case, so perhaps you > > should look at the signify utility OpenBSD developed for this > > purpose instead? It's included in Debian since Stretch under the > > package name "signify-openbsd" and seems to work well; I've used it > > semi-regularly as I tend to do a lot of cross-platform things in a > > mixed Debian/OpenBSD environment. > > There's also asignify: > > https://github.com/vstakhov/asignify As for free GPG-compatible alternatives, I happened to remember that years ago, NetBSD was working on their own BSD-licensed PGP implementation as a GSoC project, but it never really went anywhere. Looks like that finally exists now: http://netbsd.gw.com/cgi-bin/man-cgi?netpgp++NetBSD-current I don't know if it's any good or if it can be easily ported to Linux but it could be worth investigating if you really want to avoid GPG, and it should probably be a lot simpler. Cheers, Peter Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ