KNewStuff - signed
Ingo Klöcker
kloecker at kde.org
Thu Feb 3 00:13:59 GMT 2005
On Wednesday 02 February 2005 10:44, Andras Mantia wrote:
> Security: handles signing and verifying the resources. There are two
> checks: an MD5 sum check (using KMD5) and a GPG signature check
> (using the gpg command line tool).
FWIW, the GnuPG people advice against using gpg directly. Instead you
should use gpgme. The good thing is that Marc Mutz has already written
a qgpgme wrapper (it's in kdepim/libkdenetwork). The bad thing is that
gpgme is still GPL (but this might change) and thus qgpgme is as well
which means it can't go into kdelibs currently. Moreover, we'd have a
compile-time dependency on gpgme. Anyway, it's the correct solution
because once GnuPG 2 is finished we'll even have S/MIME support for
free.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20050203/bf271b48/attachment.sig>
More information about the kde-core-devel
mailing list