diff options
Diffstat (limited to 'contrib/why-gnupg')
| -rw-r--r-- | contrib/why-gnupg | 80 |
1 files changed, 0 insertions, 80 deletions
diff --git a/contrib/why-gnupg b/contrib/why-gnupg deleted file mode 100644 index 289b9af8c..000000000 --- a/contrib/why-gnupg +++ /dev/null @@ -1,80 +0,0 @@ -Why to use GnuPG and not PGP. ------------------------------ - - * PGP 2 is nearly Free Software but encumbered by the IDEA patent. - - * PGP 2 is old, hard to maintain and limited to one set of - encryption algorithms (RSA + IDEA) - - * PGP 2 is not a GNU or Unix Program and threfore not easy to use in - those environments - - * PGP 2 has a couple of minor security flaws - - * PGP 5 and 6 are more or less OpenPGP conform but proprietray - software. Source code is available but there is no way to be sure - that the distributed binary versions do match the source code. - Parts of the source code are not published. It is illegal to - build versions of PGP from source and distribute them (IIRC, there - is an exception for private users). - - * PGP 5 and 6 are not fullty OpenPGP compliant - - * PGP 7 is claimed to be OpenPGP compliant but the source code is - not anymore published. - - * At least versions before 6.5.8 had severe coding bugs. We don't - know about PGP 7. - - * PGP 5, 6 and 7 implement complicated methods for key recovering in - corporate environments. Although this is not a hidden feature, - this leads to more code and bugs. - - * NAI as the vendor of PGP seems to be a major government contractor. - - * Given the history of known backdoors in other proprietary software - (e.g. Lotus Notes), some folks claim that there might also be - backdoors in PGP 5, 6 and 7. Now there are even more rumors after - Phil Zimmermann left NAI. - - * GnuPG is Free Software under the GNU GPL. It does not use - patented algorithms. - - * Everyone is able to scrutinize the source code, build, distribute - and use versions of his own or from a trusted party he chooses. - - * The build environment is also Free Software and therefore less - likely tampered with malicious code. The exception here is the MS - Windows version of GnuPG where the OS is proprietary. The binary - version however is build using an entirely Free Software OS and - toolchain (cross-platfrom development under GNU/Linux). - - * Security fixes are provided very fast. - - * GnuPG is a standard tool in all GNU/Linux systems and used in many - different environments. - - * GnuPG gives reasonable messages and not just "Error encrypting". - - * GnuPG supports most of the optional features of the OpenPGP standard. - - * GnuPG comes with internationalization support for 16 languages. - - * Graphical frontends are available and they divert the task of - the actual cryptographic operations to GnuPG as a specialized tool - for this. A library called GPGME is available which makes - interfacing of GnuPG with other programs quite easy. - - * GnuPG is available for all GNU and Unix platforms as well as for - all MS Windows Operating systems. Porting to VMS, MAC OSX and - OS/2 is nearly finished. - - - - - - - - - - |