Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20171207211559.fhrmtg7wul36znzp@scully.more-magic.net>
Date: Thu, 7 Dec 2017 22:15:59 +0100
From: Peter Bex <peter@...e-magic.net>
To: oss-security@...ts.openwall.com
Subject: Re: Recommendations GnuPG-2 replacement

On Thu, Dec 07, 2017 at 10:01:34PM +0100, Solar Designer wrote:
> On Thu, Dec 07, 2017 at 03:15:06PM +0000, Jeremy Stanley wrote:
> > Sounds like my use case is likely not your use case, so perhaps you
> > should look at the signify utility OpenBSD developed for this
> > purpose instead? It's included in Debian since Stretch under the
> > package name "signify-openbsd" and seems to work well; I've used it
> > semi-regularly as I tend to do a lot of cross-platform things in a
> > mixed Debian/OpenBSD environment.
> 
> There's also asignify:
> 
> https://github.com/vstakhov/asignify

As for free GPG-compatible alternatives, I happened to remember that
years ago, NetBSD was working on their own BSD-licensed PGP
implementation as a GSoC project, but it never really went anywhere.
Looks like that finally exists now:
http://netbsd.gw.com/cgi-bin/man-cgi?netpgp++NetBSD-current

I don't know if it's any good or if it can be easily ported to Linux
but it could be worth investigating if you really want to avoid GPG,
and it should probably be a lot simpler.

Cheers,
Peter

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.