[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Gnu PG is more Safe ?



> Because GnuPG is open source, it's been extensively peer reviewed and
> found safe and secure.  That doesn't mean it's perfect and has no
> errors. But they are much less likely to exist in GnuPG than in some
> other solutions; particularly proprietary ones.

Are there more than 3 current OpenPGP tools?

1) GnuPG, GPL'ed open source, based on GnuPG's own libgcrypt family of 
libraries. Many many features, including NSA SuiteB support. Widely used 
in scripts, relied on by Thunderbird EnigMail, and other tools.

2) NetPGP, BSD'ed open source, depends on libOpenSSL, and it's own 
OpenPGP:SDK (C library). Basic features only, more like last pgpi.org 
PGP 2.x open source command line tool. Very few ports, besides NetBSD 
(NetPGP's sponsor). less peer review than GPG. No NSA SuiteB support 
(though libOpenSSL does support it). Someone needs to add SuiteB 
support, and a few more ports, support for opensource keyservers, and 
SuiteB, then it would be a nice option.

3) PGP product Symantec/PGPcorp. extremely expensive, closed source, 
patented keyserver tech, zero community review. Apparently a rich set of 
features for commercial enterprise use.

If there are other open source OpenPGP tools besides GnuPG and NetPGP, 
that would be welcome news.