[Pkg-gnupg-maint] Bug#709104: Bug#709104: Should not Depends or Recommends gnupg-agent

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Jan 5 16:40:58 UTC 2015

On 01/04/2015 07:27 PM, Josh Triplett wrote:
> On Sun, Jan 04, 2015 at 06:16:34PM -0500, Eric Dorland wrote:
>> Control: tags -1 wontfix
>> * Josh Triplett (josh at joshtriplett.org) wrote:
>>> Package: gnupg2
>>> Followup-For: Bug #709104
>>> Another possible alternative that would address this bug: modify the
>>> existing dependency on gnupg-agent to allow alternative implementations
>>> of the agent protocol, such as gnome-keyring.
>>> (To respond to an earlier message: gnome-keyring does not "proxy"
>>> gpg-agent or ssh-agent, it replaces them completely.)
>> So to summarize, there's basically two bugs. One is the dependency set
>> pulled in by pinentry-gtk2, which is better tracked in #753163.
>> Given the further coupling of gpg-agent and gpg in 2.1 I don't think
>> we can relax the dependency.
> Fair enough.  Perhaps in a future version of GPG, when GPG manages to
> factor out a library or two, we can revisit this.

fwiw, modern versions of gpg has factored out not only three libraries
(libgpg-error, libgcrypt, and libassuan), but has also defined external
co- or child-process interfaces for many specific functions (e.g.
gpg-agent for all secret key material, dirmngr for network interactions,
and pinentry for user-prompting).

It's not great: they aren't all factored out in the way that works best
with the rest of the ecosystem; and they're not all easily replaceable;
and those that have tried to replace them have had a variety of problems
doing so cleanly.

But it's not clear to me that *more* factoring out is needed right now.
 if anything, i think the idiosyncratic interfaces are the things that
hinder modularity here.

Josh, are there specific refactorings that you think are important?  If
so, feel free to describe them to me (offlist, or on pkg-gnupg-maint
would be fine); i'd be happy to try to advocate for your suggestions



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20150105/150d96ba/attachment.sig>

More information about the Pkg-gnupg-maint mailing list